Cryptography Unit II

Unit- II

Public Key Cryptography

1. What is meant by Diffie-Hellman key exchange?
The purpose for this algorithm is to enable two users to exchange a key securely that can then be used for subsequent encryption of messages. It depends for its effectiveness on the difficulty of computing discrete logarithms.

2. Compare the Symmetric and Asymmetric key cryptography.


S.No Symmetric key cryptography Asymmetric key cryptography
1. Same key is used for encryption and decryption. One key is used for encryption and decryption.
2. Very fast. Slower.
3. Key exchange is big problem. Key exchange is not problem.
4. Key must be kept secret. One of the two keys must be kept secret.

3. Define Fermat’s theorem.
Fermat’s theorem states that, if p is prime number and a is a +ve integer not divisible
by p then a p-1= 1(mod p).

4. What is a trapdoor one-way function?
A Trapdoor One-Way Function is a one-way function for which the inverse direction is given a certain piece of information (the trapdoor), but difficult otherwise.

5. Are strong primes necessary in RSA?
In the literature pertaining to RSA, it has often been suggested that in choosing a key pair, one should use so-called “strong” primes p and q to generate the modules n. Strong primes are those with certain properties that make the product n hard to factor by specific factoring methods; such properties have included, for example, the existence of a large prime factor of p – 1 and a large prime factor of p+1. The reason for the concerns is that some factoring methods are especially suited to primes p such that p-1 or p+1 have only small factors; strong primes are resistant to these attacks.

6. What is meant by EIGamal cryptosystem?
The EIGamal system is a public-key cryptosystem based on the discrete logarithm problem. It consists of both encryption and signature algorithms. The encryption algorithm is similar in nature to the Diffie-Hellman key agreement protocol. The system parameters consist of a prime p and an integer g, whose powers modulo p generate a large number of elements, as in Diffie-Hellman. Alice has a private key and a public key y,
where y = gk (mod p). Suppose Bob wishes to send a message m to Alice. Bob first generates a random number k less than p. He then computes y1=gk (mod p) and y2=m XOR yk, where XOR denotes the bit-wise exclusive-or. Bob sends (y1, y2) to Alice.



7. What are Elliptic curve cryptosystems?
Elliptic curve cryptosystems are analogs of public-key cryptosystems such as RSA and EIGamal in which modular multiplication is replaced by the elliptic curve addition operation. The curves used in elliptic curve analogs of discrete logarithm cryptosystems are normally of the form y2=x3+ax+b (mod p), where p is prime. The problem tapped by the discrete logarithm analogs in elliptic curves is the elliptic curve logarithm problem, defined as follows: given a point G on an elliptic curve with order r (number of points on the curve) and another point Y on the curve, find a unique x(0 * r – 1) such that Y = xG, i.e., Y is the xth multiple of G.

8. What is differential cryptanalysis?
Differential cryptanalysis is a type of attack that can be mounted on iterative block ciphers. Differential cryptanalysis is basically a chosen plaintext attack and relies on an analysis of the evolution of the differences between two related plaintexts as they are encrypted under the same key. By careful analysis of the available data, probabilities can be assigned to each of the possible keys and eventually the most probable key is identified as the correct one.

12. What is Linear cryptanalysis?
Linear cryptanalysis is a known plaintext attack and uses a linear approximation to describe the behavior of the block cipher. Given sufficient pairs of plaintext and corresponding cipher text, bits of information about the key can be obtained and increased amounts of data will usually give a higher probability of success.
CBC mode is as secure as the underlying block cipher against standard attacks.

13. For long messages, RSA will be applied in blocks. If the block is very small, say it contains only one letter in each block, will the encryption be secure?
No. If the block contains only one letter, then each letter will be mapped to a fixed replacement. Thus it will become a substitution cipher and the cipher can be broken using frequency analysis.

14. What are the essential ingredients of a public-key directory?
• The authority maintains a directory with a entry for each participant.
• Each participant registers a public key with the directory authority.
• A participant may replace the existing key with a new one at any time.
• Participants could also access the directory electronically.

15. What is public-key certificate?
The public-key authority could be a bottleneck in the system, for a User must appeal to the authority for a public key for every other user that it wishes to contact, As before the directory of names and public keys maintained by the authority is vulnerable to tempering.

16. What are the requirements for the use of a public key certificate scheme?
• Any participant can read a certificate to determine the name and public key of the certificate’s owner.
• Any participant can verify that the certificate originated from the certificate authority and is not counterfeit
• Only the certificate authority can create and update certificates.
• Any participant can verify the currency of the certificate.

17. What is the life cycle of a key?
Keys have limited lifetimes for a number of reasons. The most important reason is protection against cryptanalysis. Each time the key is used, it generates a number of cipher texts. Ford describes the life cycle of a key as follows:
• Key generations and possibly registration for a public key.
• Key distribution
• Key activation/ deactivation
• Key replacement or key update
• Key revocation
• Key termination, involving destruction and possibly archival.

18. Define Fermat’s theorem.
Fermat’s theorem states the following.
If p is prime and a is positive integer not divisible by p, then
ap-1=1 mod p.
19. Define Euler’s theorem.
Euler’s theorem states that for every a and ‘n’ that are relatively prime.
aO (n)=1 mod n.

20. How can the timing attacks be remedied?
The timing attacks can be remedied by,
a. Constant exponentiation time.
b. Random delay
c. Blinding.
21. In RSA system, the public key of a given user is e = 31, n =3599, what is the private key of this user.
22. Explain the two ways for distributing secret keys using public key.


Part-B

1. Explain in detail, how key management is done in public key cryptography
2. Explain in detail, Diffie-Hellmann key exchange
3. Write about public key cryptography and RSA in detail
4. Define and prove Euler’s theorem and Fermat’s theorem.
5. Explain in detail, the elliptic curve architecture.