Computer Security Assume Alice and Bob each have an RSA public key and have no p

Question

Computer Security

Assume Alice and Bob each have an RSA public key and have no pre-existing shared sseret key. Suppose Alice wants to send Bob a message so that no one else can read the contents. Describe precisely the steps Alice takes to do this using modern cryptography (not Diffie-Hellman, using block cipher modes). Specify all encryption algorithms used and all keys and random values (including bit size) that are used.

You can ignore anything to address Bob authenticating the message is from Alice or how Bob processes the message. I just need the steps Alice takes and what she sends to Bob.

Explanation / Answer

In a public-private key encryption, also known as assymetric encryption, sender can encrypt a message using the public key of the receiver and the message can only be decrypted with the private key of the receiver. Given a 'public key-private key' pair, messages encrypted with the former can only be decrypted with the help of later one; conversely, data encrypted with the private key can only be decrypted with its public-key. This characteristic is used tcryptography.

Both the sender and the receiver has their own public key and private key, additionally they also has the public key of other party. The public key is known globally to everyone where as a private key is only known locally. Public key of the receiver is used to encrypt message before sending it over an insecure medium. Private key decrypts the message at receiver side.

RSA algorithm, is the most widely used algorithm to generate the keys.

The steps taken by Alice to send the message are

1. Alice writes a message for Bob and to make sure that only Bob can read the message, she encrypts it using the Public Key of Bob.

2. Bob receives the message sent by Alice and to see what she has sent, he has to decrypts it using his private key.

The best way to explain it clearly is by the following puzzle analogy :

Suppose, A and B are on separate islands.

A needs to send something to Bob, and the only way to do so is through C, who has a boat. But the thing is that both of them can't trust C.

A has a box in which puts the valuable.

Both A and B have their own locks and corresponding keys that only opens their locks.

Both of them doesn't want C to take the valuables in the box or substitute it with a fake one.

This following solution explains how Public-Key Encryption works:

Both A and B can't trust C, so none of them can ask her to deliver either a key, an open lock or the item by itself.

B also has to be sure the item is coming from you and is not a fake substitute.

So, A puts the item in the box and locks it with his lock and gives it to C

C takes the box but can't open it because C has no key to the lock

B sees A's lock which determines the 'authenticity' of the box and the material inside it. At this point, even B can't open it. So, B puts his own lock on the box and sends it back to A, through C.

A verifies B's lock, removes his own lock from the box and sends the box back to B.

Now, B has the box with only his lock on it. So he takes it off, and opens the box.

Related Questions

Navigate

• Browse (All)
• Browse C
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.