11.7 Exercises
11.7 Exercises
1. (Easy: Symmetric Cryptography)
This problem is based on a protocol for Key Exchange for Symmetric Cryptography, discussed on page 47 of Applied Cryptography [Sch96]. Here, we have three participants. Alice and Bob are the two programs participating in a transaction. Trent is a trusted program that mediates or facilitates the communication.
Assume everyone uses DES for encryption and decryption. Each of Bob and Alice has a secret key that each one knows individually, but no one else knows, with the exception of Trent. Trent knows everyone’s keys.
You will have to write code that has three programs named Bob, Alice and Trent. They can be running on the same machine or three different machines.
In what is given below, a session key is simply a DES key.
Write programs using sockets that simulate the following protocol.
(a) Alice contacts Trent and requests a session key.
(b) Trent generates a random session key of the appropriate size. Trent encrypts two copies of this session key. The first is encrypted with Alice’s key, and the second is encrypted with Bob’s key. Trent sends both copies to Alice. He clearly labels them.
(c) Alice decrypts her copy of the session key. She knows her own key, so she can do this.
(d) Alice sends Bob his copy of the session key.
(e) Bob decrypts his copy of the session key.
(f) Alice now sends Bob a message in encrypted form using the session key.
(g) Bob decrypts the message and reads it.
Use sockets for communication among the parties.
2. (Hard: Symmetric Cryptography, Public-key Cryptography, Long-term project)
Digital Signatures
Let Alice and Bob be the two participants in the communication. Let us see what happens when Alice sends Bob a message. When Bob receives the message, he wants to be able to verify that the message came from Alice and no one else. In addition, the message should come in confidence. A double use of the public-key scheme can satisfy these two requirements. Let a public key be denoted by KU and a private key by KR. A subscript specifies the owner of the key. Thus is Alice’s public key.
The following protocol can be used with the RSA encryption and decryption algorithms to obtain the effect of a digital signature.
(a) Let m be the message to be sent. It is the plaintext. Alice encrypt m using her private RSA key to obtain .
Here, E is the RSA encryption function. is the key used for encryption.
(b) Alice encrypts by using Bob’s public key to obtain the ciphertext c.
Thus, there are two calls to the encryption function by Alice.
(c) Alice transmits the ciphertext c over an unsecured transmission channel. In the case of the program you have to write, c is sent by Alice to Bob through the socket interface.
(d) Bob receives c at his end. Bob performs two decryption steps. First, Bob decrypts c using Bob’s private key. This gives us .
Here, D is the RSA decryption function. is the key used for decryption.
(e) Bob decrypts a second time using Alice’s public key.
It can be shown that , i.e., is the original plaintext message m that was sent by Alice.
The problem requires you to write two programs that communicate using sockets using the protocol given above. In other words, in your program, a receiver should be able to receive a message confidentially and can also verify the sender’s identity.
3. The Secure Electronic Transaction (SET) is an encryption and security specification designed to protect credit card transaction on the Internet.
SET is quite complicated. It provides for secure secure communication channels among all parties involved in a transaction. The specification of SET came out in 1997 and is 971 pages long.
The participants in SET are:
(a) the card holder,
(b) the merchant,
(c) the card issuer,
(d) the acquirer,
(e) the payment gateway, and
(f) the certification authority.
SET is discussed in somewhat detail in Chapter 14 of Cryptography and Network Security [Sta99]. Study the description of SET in this book or elsewhere. Detailed descriptions are also available on the Web
Write code that allows you to set up the entities involved in a transaction and allow communication among them, two at a time.
We will now deal with the manner in which interaction between any two parties proceeds in SET. Let the two parties be called Alice and Bob. Alice initiates the communication, and Bob receives it. In other words, Alice encrypts her message, and Bob decrypts the message he receives from Alice.
There are several keys involved: one symmetric key (say, DES) for encrypting the actual data, also called property description; two pairs of public-private keys (RSA), one pair for signature (called public-private signature keys), and another pair for exchanging public keys (called public key-exchange key). There are also a couple of certificates involved: one for Alice and another for Bob. We will not deal with certificate issuance. A certificate is like a paper certificate. It contains information such a participant’s ID or name, and other relevant information. In this case, a certificate binds the identity of a certificate holder to is or her public key.
The Encryption Process:
The encryption process at Alice’s end is shown below.
Alice runs her data or property description through an 1-way algorithm, a hash, to produce a unique value known as the message digest. This is a kind of digital fingerprint of the data and will be used to test the integrity of the message.
The digest modules of interest are: Digest::MD5, Digest::SHA1. Use one of these two algorithms.
Alice then encrypts the message digest with her private signature key to produce the digital signature.
Next, Alice generates a random symmetric key and uses it to encrypt the property description, her signature and a copy of her certificate. The certificate contains her public signature key. In order to decrypt the property description, Bob will require a secure copy of the random symmetric key.
Bob’s certificate, which Alice must have obtained prior to initiating secure communication with him, contains a copy of his public key-exchange key. To ensure secure transmission of the symmetric key, Alice encrypts it using Bob’s public key-exchange key. The encrypted key, referred to as the digital envelope, is sent to Bob along with the encrypted message itself.
Assume that the certificates are exchanged securely, say, by hand or by certified surface mail.
Finally, Alice sends a message to Bob consisting of the following: the symmetrically encoded data or property, signature and certificate, as well as the asymmetrically encrypted symmetric key.
The Decryption Process:
The decryption process at Bob consists of the following steps.
Bob receives the message from Alice and decrypts the digital envelope with his private key-exchange key to retrieve the symmetric key.
Bob uses the symmetric key to decrypt the property description, Alice’s signature and her certificate.
He decrypts Alice’s signature with her public signature key, which he acquires from her certificate. This recovers the original message digest of the property description.
He runs the property description through the same one-way algorithm used by Alice and produces a new message digest of the decrypted property description.
Finally, he compares his message digest to the one obtained from Alice’s digital signature. If they are exactly the same, he confirms that the message content has not been altered during transmission and that it was signed using Alice’s private signature key.
If they are not the same, then the message either originated somewhere else or was altered after it was signed. In that case, Bob takes some appropriate message such as notifying Alice of discarding the message.
Implement the encryption and decryption processes as two modules or packages. Instantiate them for each of the participants in SET. Store all code and data for each of the participants in a separate directory.
Describe salient details of your implementation in a write-up between one and two pages long.