Assignment 8, due Apr 9
Part of
the homework for 22C:169, Spring 2010
|
Always, on every assignment, please write your name legibly as it appears on your University ID and on the class list! All assignments will be due at the start of class on the day indicated (usually a Friday), and unless there is what insurance companies call "an act of God" - something outside your control; the only exceptions to this rule will be by advance arrangement.
In the RSA system, each participant i picks a private key pri which they do not disclose from which they compute the public key pui which they publish. To encrypt a message from participant i to j, Messages encrypted with pui can only be decrypted with pri, and messages encrypted with pri can only be decrypted with pui.
Both cryptosystems allow secure communication between users i and j, but they have some different properties. Suppose user i wishes to send user j a secret message under the RSA algorithm, with an assurance that only user i could possibly have sent the message and only user j can decrypt it.
a) How do we do this under the RSA algorithm. (0.5 points)
b) How do we do this using the approach to Diffie-Hellman key exchange outlined above. (0.5 points)
c) Suppose, with both schemes, that the message being transmitted has been compressed so that, by the time it is encrypted, it is indistinguishable from a random bit pattern. What problem does this pose? (0.5 points)
d) (0.5 points) If the public and private keys used with the Diffie Hellman and RSA systems are identical in length, n bits, which system is more secure? Why?
a) Encrypt the codebook with a symmetric key cypher before the election, then divide the key into segments and give each segment to a leader of one political party. At the close of the election, the party leaders must all cooperate to decrypt the codebook. (0.5 points)
b) Compute a secure hash function (a one-way function) of the codebook and publish the hash in the newspaper before the election. (0.5 points)
c) Use RSA. Specifically, encrypt the codebook with the government's private key and publish the public key in the newspaper before the election. (0.5 points)
d) Use RSA. Specifically, encrypt the codebook with the public keys provided by each political party (in alphabetical order, by party name), and then, after the polls close, let each party, in turn, decrypt the codebook with its private key.
a) Suppose you were a malware author intent on writing a "spearphishing" attack on a user who is known to use such devices. Describe the malware you might attempt to inject in computers they are known to use aimed at learning the passwords they use with this device. (0.5 points)
b) Suppose you are the vendor of this drive, and you realize that you could make lots of money on the side if you could break into encrypted drives. What undocumented firmware features could you install in the thumb drive to allow you free access to the data. (0.5 points)