1 : Suppose that a system uses textbook RSA encryption. An attacker wants to decrypt a ciphertext c to obtain the corresponding confidential plaintext m. Assume that the victim system readily decrypts arbitrary ciphertexts that the attacker can choose, except for ciphertext c itself. Show that the attacker can obtain m from c even under this setting, i.e a chosen ciphertext attack is possible.
2 : In a public-key system using RSA, you intercept the Ciphertext 10 sent to a user whose public key is e = 5, n = 35. What is the plaintext M?
The following problems are from the text book (Pfleeger, 4th edition):
33: Why do cryptologists recommend changing the encryption key from time to time? How frequently should a cryptographic key be changed?
34: Humans are said to be the weakest link in any security system. Give an example of human failure that could lead to compromise of encrypted data.
5: Explain why 2^n is the difficulty factor for a deterministic solution to a nondeterministic problem of time n. That is, justify that the time bound 2^n is correct.
13: With a public key encryption, suppose A wants to send a message to B. Let A_PUB and A_PRIV be A's public key and private key, respectively; similarly for B. Suppose C knows both public keys but neither private key. If A sends a message to B, what encryption should A use so that only B can decrypt the message? (This property is called secrecy.) Can A encrypt a message so that anyone receiving the message will be assured the message came only from A? (This property is called authenticity.) How or why not? Can A achieve both secrecy and authenticity for one message? How or why not?
20: Find keys d and e for the RSA cryptosystem where p = 7 and q = 11.
21: Find primes p and q so that 12-bit plaintext blocks could be encrypted with RSA.
What to turn in: A softcopy of your solutions (could be a scanned version of the hard copy of the solutions) to be uploaded as a single file to WebCT.