Scribd
Upload
16 views

Assignment 3

This document contains instructions for Assignment 3 in COMPSCI 3IS3. It consists of 3 questions: 1. Explain why the key sizes of some cryptosystems are significantly larger than their security parameters. 2. (a) Run the Extended Euclidean Algorithm on input 110 and 625 and write down the values at each iteration. (b) Implement the algorithm in Python for much larger inputs and write down the final values. 3. (a) Explain how an attacker could recover an AES key K from K^e if e is too small in an RSA key exchange. (b) Describe an improved protocol that hashes a random element m from Z_n to derive the shared

Uploaded by

ibrahimango3
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
16 views

Assignment 3

This document contains instructions for Assignment 3 in COMPSCI 3IS3. It consists of 3 questions: 1. Explain why the key sizes of some cryptosystems are significantly larger than their security parameters. 2. (a) Run the Extended Euclidean Algorithm on input 110 and 625 and write down the values at each iteration. (b) Implement the algorithm in Python for much larger inputs and write down the final values. 3. (a) Explain how an attacker could recover an AES key K from K^e if e is too small in an RSA key exchange. (b) Describe an improved protocol that hashes a random element m from Z_n to derive the shared

Uploaded by

ibrahimango3
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

COMPSCI 3IS3 - Assignment 3

1. (10 marks) Recall the concept of security level for a cryptosystem. We say that a system
provides λ bits of security, if the best known attack against the system takes Ω(2λ )
operations. The integer λ is sometimes called the security parameter. Explain why the
key sizes of some cryptosystems are significantly larger than their security parameters.
2. (30 marks)
(a) Run the Extended Euclidean Algorithm for the inputs r0 = 110 and r1 = 625. Write
down the values ri , si and ti for each iteration.
(b) Implement the Extended Euclidean Algorithm in python3. Run your algorithm on
the input
r0 = 164554569211088430770706425287401139967,
r1 = 316812464220963669296170073138677641820785101655675695
What are the final r, s, and t for the above input?
3. (60 marks) In the class we talked about how we can perform a key exchange using a
public-key scheme: To share a secret K with Bob, Alice encrypts K using Bob’s public
key and sends the ciphertext to Bob. Bob uses his private key to decrypt the ciphertext
and recover K. Now they both have K. They can use K as a key to communicate using
a much faster symmetric-key scheme such as AES.
(a) Suppose the public-key scheme used above is RSA. Bob’s public key is (n, e) where
n is the modulus. In practice, n is usually a 2048-bit integer, and e is small. To
share an AES key K, Alice computes y = K e mod n, and sends y to Bob. Bob uses
his private key d to computes y d = K ed = K mod n. Now, for an AES key, K is
128 bits. If e is small enough, say smaller than 16, then K e < n. This means, no
reduction mod n happens in computing K e . This is dangerous! Remember that K e
is transmitted publicly, so, everybody can access it. Explain how Trudy can recover
K from K e .
(b) One way to prevent the situation in (a) is to use larger integer, i.e., an element of Zn ,
for encryption. To do this, Alice can use a secure hash function H that has 128-bit
outputs. In this case, instead of encrypting K, Alice encrypts a random element m
from Zn , and chooses H(m) as the shared key. Write down the new key-exchange
protocol. Remember, H is a publicly known hash function, so, Bob and everybody
else can use it. Explain why Trudy cannot break this new scheme.

You might also like