Q1

One important difference between symmetric and public key systems is that in
symmetric key systems both the sender and receiver must know the same (secret)
key.In public key systems, the encryption and decryption keys are distinct.The
encryption key is known by the entire world (including the sender), but the
decryption key is known only by the receiver.
Q2.1
Given the key notation in the diagram (PA, SA, PB):

PA represents Alice’s public key.

SA is Alice’s private key.
PB is Bob’s public key.
To authenticate a message to Bob, Alice should use her private key (SA) to encrypt
(or more precisely, to digitally sign) the message. This process does not provide
secrecy but ensures that Bob can verify that the message was indeed sent by Alice
because only Alice has access to her private key. Bob, or anyone else for that
matter, can use Alice’s public key (PA) to verify the signature.

If the message was encrypted with Alice's private key (SA), anyone with Alice's
public key (PA) can decrypt it, which means they can read the message, so it's not
secret. However, because only Alice has her private key, the decryption of the
message using her public key authenticates that the message was signed by Alice.

If the question implies that the message should be both encrypted for
confidentiality and authenticated, then the process would typically involve two
steps:

Alice first signs the message with her private key for authentication.
Then she encrypts the signed message with Bob's public key (PB) for
confidentiality.
For the specific scenario in the question, if we assume that encryption in this
context means signing (since encryption for secrecy would use Bob's public key and
not Alice's), Alice should use her private key (SA) to encrypt the message for
authentication. Bob can then decrypt the message using Alice's public key (PA) to
verify the signature and thus authenticate that the message came from Alice.
Q2.2
When a client (like Alice's browser) connects to Amazon.com, the website presents
its certificate. The browser checks that the domain name matches, verifies the CA's
signature using the CA's public key (which the browser already trusts), checks the
validity dates, and then uses the provided public key to initiate a secure
communication, often involving additional steps like a handshake protocol to
establish session keys for encryption.
In summary, the certificate sent from the CA to Amazon.com will include
Amazon.com's public key (PM), domain name, and the CA's digital signature, among
other pieces of information. The CA's digital signature is particularly crucial
because it ensures that the public key really belongs to Amazon.com and has not
been issued fraudulently. This signature process relies on the trustworthiness of
the CA; thus, it is encrypted with the CA's secret (or private) key, which should
be protected rigorously by the CA.
Q3
By applying a backward shift of 7 letters to the cipher text "MWA-PH: Kv fvb
ilsplcl pu yhukvtulzz?", the decrypted text is revealed as "FPT-IA: Do you believe
in randomness?". This decryption aligns with the pattern of the provided partial
plain text "F**_**: ** *** ******* ** **********?", confirming that the shift used
in the cipher was indeed 7.
The process involved analyzing the given patterns, identifying the shift based on
the transformation of known letters, and then applying the inverse of that shift to
the entire cipher text. The result, "Do you believe in randomness?", suggests a
question possibly related to the concept of randomness in some context, which was
encrypted using the Caesar cipher technique. This method of decryption is
straightforward for the Caesar cipher, as it relies on a fixed shift of letters in
the alphabet, making it one of the simplest forms of cryptography.