# Digital Signature CHAPTER 13. Review Questions. (Solution to Odd-Numbered Problems)

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 CHAPTER 13 Digital Signature (Solution to Odd-Numbered Problems) Review Questions 1. We mentioned four areas in which there is a differences between a conventional and a digital signature: inclusion, verification, document-signature relation, and duplicity. a. Inclusion: a conventional signature is included in the document; a digital signature is a separate document. b. Verification: A conventional signature is verified by comparing with the signature on file. The verifier of a digital signature needs to create a new signature. c. Relation: A document and a conventional signature has a one-to-many relation; a message and a digital signature has one-to-one relation. d. Duplicity: In conventional signature, a copy of the signed document can be distinguished from the original one on file. In digital signature, there is no such distinction unless there is a factor of time (such as a timestamp) on the document. 3. The following table shows the relationship between attacks on a cryptosystem and attacks on a digital signature. Cryptosystem attacks Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext Digital signature Attacks Key-only Known-message Chosen-message 5. The idea behind the RSA digital signature scheme is the same as the RSA cryptosystem, but the roles of the private and public keys are changed. First, the private and public keys of the sender, not the receiver, are used. Second, the sender uses her own private key to sign the document; the receiver uses the sender s public key to verify it. 1

2 2 7. The Schnorr digital signature scheme is similar the ElGamal digital signature but the size of the signatures are smaller. 9. The elliptic curve digital signature scheme is based on DSA, but uses elliptic curves. The scheme is similar to the elliptic curve cryptosystem in which the signer and verifiers manipulate points on an elliptic curve. Exercise 11. We have n = = φ(n) = (809 1) (751 1) = Since d = 23, we have e = d 1 mod φ(n) = a. We have S 1 = M 1 d mod n = mod = M 1 = S 1 e mod n = mod = 100 b. We have S 2 = M 2 d mod n = mod = 5627 M 2 = S 2 e mod n = mod = 50 c. If M = M 1 M 2 = 5000, we have S = Md mod n = mod = S = (S 1 S 2 ) mod n = ( ) mod = We have q = 83, p = 997, and d = 23. We choose e 0 = 7. Then e 1 = e 0 (p 1)/q mod p = 9 e 2 = e 1 d mod p = 521. We calculate S 1 and S 2 in mod q. We let h(40067) = 81 (The actual value does not matter here). S 1 = h(m e 1 r mod p) = h( mod p) = h(400 67) = h(40067) = 81 S 2 = r + ds 1 mod q = mod 83 = 48 We can verify the signature assuming that h(40067) = 81. S V = h(m e 2 S 1 e 1 2 mod p) = h( mod 997) = V = h( mod 997) = h( mod 997) = V = h(400 67) = h(40067) = a. In RSA scheme S = M d mod n. This means that the value of S can be as large as (n 1). In other words the size of S n 1024 bits.

3 3 b. In ElGamal scheme S 1 = ( ) mod p and S 2 = ( ) mod (p 1). This means that the value of S 1 can be as large as (p 1) and the value of S 2 can be as large as (p 2) In other words the size of S 1 p 1024 bits and the size of S 2 p 1024 bits. This means the sign of the signature is 2048 bits. c. In Schnorr scheme S 1 = h (...) and S 2 = ( ) mod (q). This means that the value of S 1 is exactly equals h (...) and the value of S 2 can be as large as (q 1). Since q is required to be the same size as q. The size of S 1 q 160 bits and the size of S 2 q 160 bits. This means the sign of the signature is 320 bits. The signature in Schnorr is much smaller than signature in ElGamal. d. In DSS scheme S 1 = ( ) mod q S 2 = ( ) mod q. This means that the value of S 1 and S 2 can be as large as (q 1). The size of S 1 = S 2 q 160 bits and the This means the sign of the signature is 320 bits. The signature in DSS is the same size as the signature in the Schnorr scheme. 17. In all of these schemes, Eve can calculate the value of d if she intercept a message and its signature. She can then forge a message from Alice to Bob. Each case is described separately in Exercises 23, 24, and If p = 19 and q = 3, n = 57. Eve can easily calculate φ(n) = φ(57) = 36. Since e is public, Eve can find d = e 1 mod n. Eve can now choose a message of her own M, calculate S = M d mod n. Eve then sends M and S to Bob and pretends that they are coming from Alice. 21. If p = 29 and q = 7, then the value of d is between 2 and 7 (it should be less than q 1). Since e 2 = e d 1 mod p and the values of e 1, e 2, p, and q are public, Eve can find the value of d using exhaustive search. Eve can now choose a message of her own M, calculates S 1 and S 2. Eve then sends M, S 1, and S 2 to Bob and pretends that they are coming from Alice. 23. In ElGamal scheme, if Eve can somehow finds out what value of r is used by Alice to calculate the signature for a particular message, the whole system is broken. Eve knows the value of M, S 1, S 2 and r. She can calculate the value of d as shown below: d = (M rs 2 )S 1 1 mod (p 1) This is possible if gcd(s 1, p 1) = 1, which is very probable. When d is found, Eve can choose a message of her own (selective forgery), calculate the signature and send them to Bob fooling him that the message is coming from Alice. 25. In DSS scheme, if the value of r revealed, the whole system is broken. Eve knows the value of M, S 1, S 2 and r. She can calculate the value of d as shown below: d = (rs 2 h(m))s 1 1 mod q This is possible if gcd(s 1, q) = 1, which is very probable. When d is found, Eve can choose a message of her own (selective forgery), calculate the signature and send them to Bob fooling him that the message is coming from Alice.

4 4 27. This is done to make the calculation possible because if a x a y mod p, then x y mod (p 1). 29. In the DSS scheme, we need to make both S 1 and S 2 smaller than q. However, to make it more difficult for Eve to find the value of r, we first do exponentiation in modulo p (which is much larger than q), but we apply another modulo operation to reduce the size of S 1. In case of S 2, since there is no exponentiation and the size of the digest is smaller than q, we need to apply only a modulo q operation to make the size of S 2 smaller than q. 31. We start with V and show that it is congruent to S 1. Let h(m) = x. xs 2 1 e 2 S 1 S 2 1 = (e 1 x e 2 S 1 ) S2 1 x e 1 ds1 ) S2 1 // Since e 2 = e 1 d mod p x + ds1 ) S2 1 rs 2 ) S2 1 // Since S 2 = (x + ds) r 1 mod q r ) S2S2 1 = (e 1 r ) = S RSA_Signing (M, d, n) S M d mod n return (M, S) RSA_Verifying (M, e, n, S) M S e mod n if (M = M) Accept M else Reject M

5 5 35. Schnorr_Signing (M, r, e 1, d, p, q) S 1 h (M e 1 r mod p) S 2 (r + d S 1 ) mod q return (M, S 1, S 2 ) Schnorr_Verifying (M, e 1, e 2, p, q, S 1, S 2 ) V h (M e 1 S 1 e2 S 2 mod p) if (S 1 = V) Accept M else Reject M 37. EllipticCurve_Signing (M, a, b, r, e 1 (, ), d, p, q) P(u, v) r e 1 (, ) S 1 u mod q S 2 (h (M) + d S 1 ) r 1 mod q return (M, S 1, S 2 ) EllipticCurve_Verifying (M, a, b, e 1 (, ), e 1 (, ), p, q, S 1, S 2 ) A (h (M) S 2 1 ) mod q B (S 1 S 2 1 ) mod q T(x, y) A e 1 (, ) + B e 1 (, ) V x mod q if (S 1 = V) Accept M else Reject M

6 6

### Digital Signatures. Good properties of hand-written signatures:

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it is a part of the document) 4. Signed document is

### Digital Signature. Raj Jain. Washington University in St. Louis

Digital Signature Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

### Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

### Digital Signatures. Murat Kantarcioglu. Based on Prof. Li s Slides. Digital Signatures: The Problem

Digital Signatures Murat Kantarcioglu Based on Prof. Li s Slides Digital Signatures: The Problem Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies

### Signature Schemes. CSG 252 Fall 2006. Riccardo Pucella

Signature Schemes CSG 252 Fall 2006 Riccardo Pucella Signatures Signatures in real life have a number of properties They specify the person responsible for a document E.g. that it has been produced by

### Digital signatures. Informal properties

Digital signatures Informal properties Definition. A digital signature is a number dependent on some secret known only to the signer and, additionally, on the content of the message being signed Property.

### Introduction to Cryptography CS 355

Introduction to Cryptography CS 355 Lecture 30 Digital Signatures CS 355 Fall 2005 / Lecture 30 1 Announcements Wednesday s lecture cancelled Friday will be guest lecture by Prof. Cristina Nita- Rotaru

### Digital Signatures. (Note that authentication of sender is also achieved by MACs.) Scan your handwritten signature and append it to the document?

Cryptography Digital Signatures Professor: Marius Zimand Digital signatures are meant to realize authentication of the sender nonrepudiation (Note that authentication of sender is also achieved by MACs.)

### Implementation and Comparison of Various Digital Signature Algorithms. -Nazia Sarang Boise State University

Implementation and Comparison of Various Digital Signature Algorithms -Nazia Sarang Boise State University What is a Digital Signature? A digital signature is used as a tool to authenticate the information

### Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport

### Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

### Cryptography: RSA and Factoring; Digital Signatures; Ssh

Cryptography: RSA and Factoring; Digital Signatures; Ssh Greg Plaxton Theory in Programming Practice, Spring 2005 Department of Computer Science University of Texas at Austin The Hardness of Breaking RSA

### DIGITAL SIGNATURES 1/1

DIGITAL SIGNATURES 1/1 Signing by hand COSMO ALICE ALICE Pay Bob \$100 Cosmo Alice Alice Bank =? no Don t yes pay Bob 2/1 Signing electronically Bank Internet SIGFILE } {{ } 101 1 ALICE Pay Bob \$100 scan

### Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

### Overview of Public-Key Cryptography

CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows

### Part VII. Digital signatures

Part VII Digital signatures CHAPTER 7: Digital signatures Digital signatures are one of the most important inventions/applications of modern cryptography. The problem is how can a user sign a message such

### Computer Security: Principles and Practice

Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

### Application of Digital Signature for Securing Communication Using RSA Scheme based on MD5

Application of Digital Signature for Securing Communication Using RSA Scheme based on MD5 Fashoto S.G, Gbadeyan J.A and Okeyinka E.A Redeemer s University, Redemption camp Mowe, Ogun State gbengafash@yahoo.com

### Software Implementation of Gong-Harn Public-key Cryptosystem and Analysis

Software Implementation of Gong-Harn Public-key Cryptosystem and Analysis by Susana Sin A thesis presented to the University of Waterloo in fulfilment of the thesis requirement for the degree of Master

### Authentication requirement Authentication function MAC Hash function Security of

UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

### Introduction to Computer Security

Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors

### Crittografia e sicurezza delle reti. Digital signatures- DSA

Crittografia e sicurezza delle reti Digital signatures- DSA Signatures vs. MACs Suppose parties A and B share the secret key K. Then M, MAC K (M) convinces A that indeed M originated with B. But in case

### CRC Press has granted the following specific permissions for the electronic version of this book:

This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van Oorschot, and S. Vanstone, CRC Press, 1996. For further information, see www.cacr.math.uwaterloo.ca/hac CRC Press has

### Public Key Cryptography. Performance Comparison and Benchmarking

Public Key Cryptography Performance Comparison and Benchmarking Tanja Lange Department of Mathematics Technical University of Denmark tanja@hyperelliptic.org 28.08.2006 Tanja Lange Benchmarking p. 1 What

### UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering. Introduction to Cryptography ECE 597XX/697XX

UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 6 Introduction to Public-Key Cryptography Israel Koren ECE597/697 Koren Part.6.1

### Textbook: Introduction to Cryptography 2nd ed. By J.A. Buchmann Chap 12 Digital Signatures

Textbook: Introduction to Cryptography 2nd ed. By J.A. Buchmann Chap 12 Digital Signatures Department of Computer Science and Information Engineering, Chaoyang University of Technology 朝 陽 科 技 大 學 資 工

### Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Outline CSc 466/566 Computer Security 8 : Cryptography Digital Signatures Version: 2012/02/27 16:07:05 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian

### Communications security

University of Roma Sapienza DIET Communications security Lecturer: Andrea Baiocchi DIET - University of Roma La Sapienza E-mail: andrea.baiocchi@uniroma1.it URL: http://net.infocom.uniroma1.it/corsi/index.htm

### Computer Science 308-547A Cryptography and Data Security. Claude Crépeau

Computer Science 308-547A Cryptography and Data Security Claude Crépeau These notes are, largely, transcriptions by Anton Stiglic of class notes from the former course Cryptography and Data Security (308-647A)

### Cryptography and Network Security

Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of

### Lecture Note 7 AUTHENTICATION REQUIREMENTS. Sourav Mukhopadhyay

Lecture Note 7 AUTHENTICATION REQUIREMENTS Sourav Mukhopadhyay Cryptography and Network Security - MA61027 In the context of communications across a network, the following attacks can be identified: 1.

### A New Efficient Digital Signature Scheme Algorithm based on Block cipher

IOSR Journal of Computer Engineering (IOSRJCE) ISSN: 2278-0661, ISBN: 2278-8727Volume 7, Issue 1 (Nov. - Dec. 2012), PP 47-52 A New Efficient Digital Signature Scheme Algorithm based on Block cipher 1

### Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

### Digital Signatures. Prof. Zeph Grunschlag

Digital Signatures Prof. Zeph Grunschlag (Public Key) Digital Signatures PROBLEM: Alice would like to prove to Bob, Carla, David,... that has really sent them a claimed message. E GOAL: Alice signs each

### An Approach to Shorten Digital Signature Length

Computer Science Journal of Moldova, vol.14, no.342, 2006 An Approach to Shorten Digital Signature Length Nikolay A. Moldovyan Abstract A new method is proposed to design short signature schemes based

### Digital signatures are one of the most important inventions/applications of modern cryptography.

CHAPTER 7: DIGITAL SIGNATURES Digital signatures are one of the most important inventions/applications of modern cryptography. Part VII Digital signatures The problem is how can a user sign (electronically)

### Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 10 Digital Signatures ver. October 29, 2009 These slides were prepared

### Notes on Network Security Prof. Hemant K. Soni

Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications

### 1 Signatures vs. MACs

CS 120/ E-177: Introduction to Cryptography Salil Vadhan and Alon Rosen Nov. 22, 2006 Lecture Notes 17: Digital Signatures Recommended Reading. Katz-Lindell 10 1 Signatures vs. MACs Digital signatures

### Elements of Applied Cryptography Public key encryption

Network Security Elements of Applied Cryptography Public key encryption Public key cryptosystem RSA and the factorization problem RSA in practice Other asymmetric ciphers Asymmetric Encryption Scheme Let

### CRYPTOGRAPHY IN NETWORK SECURITY

ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

### Public-Key Cryptanalysis

To appear in Recent Trends in Cryptography, I. Luengo (Ed.), Contemporary Mathematics series, AMS-RSME, 2008. Public-Key Cryptanalysis Phong Q. Nguyen Abstract. In 1976, Diffie and Hellman introduced the

### Introduction. Digital Signature

Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology

### Discrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier

Discrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier http://asecuritysite.com @billatnapier Introduction. Encryption: Public/Private Key. Key Exchange. Authentication.

### 7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

### In this paper a new signature scheme and a public key cryptotsystem are proposed. They can be seen as a compromise between the RSA and ElGamal-type sc

Digital Signature and Public Key Cryptosystem in a Prime Order Subgroup of Z n Colin Boyd Information Security Research Centre, School of Data Communications Queensland University of Technology, Brisbane

### Digital Signatures. What are Signature Schemes?

Digital Signatures Debdeep Mukhopadhyay IIT Kharagpur What are Signature Schemes? Provides message integrity in the public key setting Counter-parts of the message authentication schemes in the public

### CS 161 Computer Security

Song Spring 2015 CS 161 Computer Security Discussion 11 April 7 & April 8, 2015 Question 1 RSA (10 min) (a) Describe how to find a pair of public key and private key for RSA encryption system. Find two

### Public Key (asymmetric) Cryptography

Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

### Chapter 37. Secure Networks

Chapter 37 Network Security (Access Control, Encryption, Firewalls) Secure Networks Secure network is not an absolute term Need to define security policy for organization Network security policy cannot

### SECURITY IN NETWORKS

SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

### 2. Cryptography 2.4 Digital Signatures

DI-FCT-UNL Computer and Network Systems Security Segurança de Sistemas e Redes de Computadores 2010-2011 2. Cryptography 2.4 Digital Signatures 2010, Henrique J. Domingos, DI/FCT/UNL 2.4 Digital Signatures

### A novel deniable authentication protocol using generalized ElGamal signature scheme

Information Sciences 177 (2007) 1376 1381 www.elsevier.com/locate/ins A novel deniable authentication protocol using generalized ElGamal signature scheme Wei-Bin Lee a, Chia-Chun Wu a, Woei-Jiunn Tsaur

### Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

### Asymmetric Cryptography. Mahalingam Ramkumar Department of CSE Mississippi State University

Asymmetric Cryptography Mahalingam Ramkumar Department of CSE Mississippi State University Mathematical Preliminaries CRT Chinese Remainder Theorem Euler Phi Function Fermat's Theorem Euler Fermat's Theorem

### CS549: Cryptography and Network Security

CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

### Digital Signatures. Meka N.L.Sneha. Indiana State University. nmeka@sycamores.indstate.edu. October 2015

Digital Signatures Meka N.L.Sneha Indiana State University nmeka@sycamores.indstate.edu October 2015 1 Introduction Digital Signatures are the most trusted way to get documents signed online. A digital

### Chapter 10. Network Security

Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

### Efficient construction of vote-tags to allow open objection to the tally in electronic elections

Information Processing Letters 75 (2000) 211 215 Efficient construction of vote-tags to allow open objection to the tally in electronic elections Andreu Riera a,,joseprifà b, Joan Borrell b a isoco, Intelligent

### Cryptography and Network Security

Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared

### CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

### Cryptographic Hash Functions Message Authentication Digital Signatures

Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption

### Security and Authentication Primer

Security and Authentication Primer Manfred Jantscher and Peter H. Cole Auto-ID Labs White Paper WP-HARDWARE-025 Mr. Manfred Jantscher Visiting Master Student, School of Electrical and Electronics Engineering,

1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

### PUBLIC KEY ENCRYPTION

PUBLIC KEY ENCRYPTION http://www.tutorialspoint.com/cryptography/public_key_encryption.htm Copyright tutorialspoint.com Public Key Cryptography Unlike symmetric key cryptography, we do not find historical

### Today ENCRYPTION. Cryptography example. Basic principles of cryptography

Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer on-line. This lecture discusses one of the main technological solutions. The use

### 9 Modular Exponentiation and Cryptography

9 Modular Exponentiation and Cryptography 9.1 Modular Exponentiation Modular arithmetic is used in cryptography. In particular, modular exponentiation is the cornerstone of what is called the RSA system.

### Public Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography

Public Key Cryptography c Eli Biham - March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt

### Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

### RSA Cryptosystem. Yufei Tao. Department of Computer Science and Engineering Chinese University of Hong Kong. RSA Cryptosystem

Yufei Tao Department of Computer Science and Engineering Chinese University of Hong Kong In this lecture, we will discuss the RSA cryptosystem, which is widely adopted as a way to encrypt a message, or

### Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

### Cryptography and Network Security Chapter 10

Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 10 Other Public Key Cryptosystems Amongst the tribes of Central

### Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection

### Hash Function Firewalls in Signature Schemes

Outline Hash function flexibility and firewalls Breaking firewalls in signature schemes Hash Function Firewalls in Signature Schemes Conclusions Burt Kaliski, RSA Laboratories IEEE P1363 Working Group

### APNIC elearning: Cryptography Basics. Contact: esec02_v1.0

APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption Symmetric-Key Algorithm Block and Stream Cipher Asymmetric Key Algorithm

### 8th ACM Conference on Computer and Communications Security 2001 5-8 November 2001 Philadelphia - Pennsylvania - USA

8th ACM Conference on Computer and Communications Security 2001 5-8 November 2001 Philadelphia - Pennsylvania - USA Twin Signatures: an Alternative to the Hash-and-Sign Paradigm David Naccache (Gemplus,

### 1 Message Authentication

Theoretical Foundations of Cryptography Lecture Georgia Tech, Spring 200 Message Authentication Message Authentication Instructor: Chris Peikert Scribe: Daniel Dadush We start with some simple questions

### ACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES. Daniela Bojan and Sidonia Vultur

ACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES Daniela Bojan and Sidonia Vultur Abstract.The new services available on the Internet have born the necessity of a permanent

### RESEARCH ON DIGITAL SIGNATURE Aanchal Chanana, Akash Sharma, Amit Yadav

ABSTRACT RESEARCH ON DIGITAL SIGNATURE Aanchal Chanana, Akash Sharma, Amit Yadav 7 th Semester, Computer Science and Engineering. Dronacharya College Of Engineering, Gurgaon This paper introduces a number

### A New Generic Digital Signature Algorithm

Groups Complex. Cryptol.? (????), 1 16 DOI 10.1515/GCC.????.??? de Gruyter???? A New Generic Digital Signature Algorithm Jennifer Seberry, Vinhbuu To and Dongvu Tonien Abstract. In this paper, we study

### MTAT.07.003 Cryptology II. Digital Signatures. Sven Laur University of Tartu

MTAT.07.003 Cryptology II Digital Signatures Sven Laur University of Tartu Formal Syntax Digital signature scheme pk (sk, pk) Gen (m, s) (m,s) m M 0 s Sign sk (m) Ver pk (m, s)? = 1 To establish electronic

### Asymmetric Encryption. With material from Jonathan Katz, David Brumley, and Dave Levin

Asymmetric Encryption With material from Jonathan Katz, David Brumley, and Dave Levin Warmup activity Overview of asymmetric-key crypto Intuition for El Gamal and RSA And intuition for attacks Digital

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

### Information & Communication Security (SS 15)

Information & Communication Security (SS 15) Electronic Signatures Dr. Jetzabel Serna-Olvera @sernaolverajm Chair of Mobile Business & Multilateral Security Goethe University Frankfurt www.m-chair.de Agenda

### Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Encryption/Decryption using Public Key Cryptography Network Security Chapter 2 Basics 2.2 Public Key Cryptography

### Cryptography and Network Security Digital Signature

Cryptography and Network Security Digital Signature Xiang-Yang Li Message Authentication Digital Signature Authentication Authentication requirements Authentication functions Mechanisms MAC: message authentication

### Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1

Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1 Daniel Bleichenbacher Bell Laboratories 700 Mountain Ave., Murray Hill, NJ 07974 bleichen@research.bell-labs.com

### CIS 5371 Cryptography. 8. Encryption --

CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.

### Introduction to Cryptography

Introduction to Cryptography Part 2: public-key cryptography Jean-Sébastien Coron January 2007 Public-key cryptography Invented by Diffie and Hellman in 1976. Revolutionized the field. Each user now has

### Capture Resilient ElGamal Signature Protocols

Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department

### Chapter 7: Network security

Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

### Digital signatures and certification

Högskolan i Halmstad Nätverksdesign och datordrift VT 2008 Lärare:Kristina Kunert Digital signatures and certification Patrik Bertilsson. 198812115957. patte_was_here@hotmail.com Martin Jönsson. 197909163955

### Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm By Mihir Bellare and Chanathip Namprempre

Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm By Mihir Bellare and Chanathip Namprempre Some slides were also taken from Chanathip Namprempre's defense

### Practice Questions. CS161 Computer Security, Fall 2008

Practice Questions CS161 Computer Security, Fall 2008 Name Email address Score % / 100 % Please do not forget to fill up your name, email in the box in the midterm exam you can skip this here. These practice

### SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,

### Twin Signatures: an Alternative to the Hash-and-Sign Paradigm

Proceedings of the 8th ACM Conference on Computer and Communications Security. Pages 20 27. (november 5 8, 2001, Philadelphia, Pennsylvania, USA) Twin Signatures: an Alternative to the Hash-and-Sign Paradigm

### The Elements of Cryptography

The Elements of Cryptography (March 30, 2016) Abdou Illia Spring 2016 Learning Objectives Discuss Cryptography Terminology Discuss Symmetric Key Encryption Discuss Asymmetric Key Encryption Distinguish