CS588: Cryptology - Principles and Applications, Fall 2001
Manifest: Wednesday 3 October 2001
Assignments Due Wednesday, 10 October Problem Set 3 Wednesday, 17 October No Class Wednesday, 24 October Midterm
ReadingsMBC Chapter 18 has some "sketches" of protocols. We will explore several of these protocols in more detail in later classes.
A Private Matchmaking Protocol, Kan Zhang and Roger Needham. Optional, but useful if you are trying Challenge #2.
- Here is the RSA algorithm, with some pieces missing. Fill in the blanks:
- Pick 2 large secret primes, p and q.
- Let n = pq [blank 1]
- Choose e and d so: ed ≡ 1 mod (p - 1) (q - 1) [blank 2]
- Encryption function (public): E(M) = Me mod n.
- Decryption function (private): D(C) = Cd mod n [blank 3]
- What is the private key?
d or (d, n). To do decryption, we need to know d and n. No one else can know d. The public key is (e, n). Note that p and q must be kept secret, but are not part of the private key (we don't need them to decrypt). They should be destroyed after computing d.
- What is the range of M that can be reliably transmitted using RSA?
0..n-1. We are transmitting Me mod n, so we could not transmit more than n different messages without having two messages map to the same ciphertext.
- Why would n be a bad choice for the modulus: ed ≡ 1 mod _____.
- What are the properties of a good cryptographic hash algorithm? How do we evaluate how well a particular algorithm satisfies those properties?
- What is the difference between weak collision resistance and strong collision resistance?
- Give a good n-bit hashing function, how hard is it to find x such that H(x) = h?
- Give a good n-bit hashing function, how hard is it to find x and y such that H(x) = H(y)?
- How can Alice send a message to Bob without revealing to anyone else that she is sending a message to Bob?
University of Virginia
Department of Computer Science
CS 588: Cryptology - Principles and Applications