Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Consider the following idea to send a secret message from a user Alice to a user

ID: 3681075 • Letter: C

Question

Consider the following idea to send a secret message from a user Alice to a user Bob: i. Alice places the message in a box and puts a padlock on the box, for which only she has the key. She sends the locked box to Bob. ii. Bob receives the box and adds a second padlock for which only he has the key. He sends the box with the two padlocks back to Alice. iii. Alice removes her padlock and sends the, still locked, box to Bob. iv. Bob removes his padlock and can access the message. An eavesdropper always faces a locked box, and a key point is that the locking mechanisms of Alice and Bob commute—Alice can remove her padlock, even though Bob put on his padlock later. Let us try to implement this protocol over a network using encryption with one-time pads that are XORed with the plaintext message m (which we represent as a bitstring of some fixed length k): Explain why this protocol is insecure, even if the adversary only eavesdrops passively and never sends or deletes messages.

Explanation / Answer

Consider the following idea to send a secret message from a user Alice to a user Bob:

This method is double locking the box.

This back-and-forth “double lock” process is used in many asymmetric key algorithms, such as Elgamal encryption and Diffie-Hellman key exchange, but not all of them.

This is the double lock principle, but it is not a public cryptography as both keys are secret. In public cryptography one key is public, the other is secret . Nobody knowing the public key is able to decipher a message encrypted with a public key. Only the secret key is able to decipher a message encrypted with a public key.

A real-world analogy to public keys would be the padlock. The padlock can be easily closed, but it is much harder to do the reverse, namely opening. It is not impossible, but it requires much more effort to open it than to close it, assuming you don’t have the (private) key. Alice could send Bob an open by mail (the equivalent to the public key).Bob then puts a message for Alice into a box and locks the box with the padlock. Now, Bob sends the locked box back to Alice and Alice opens it with her private key.

This approach is susceptible to man-in-the-middle attacks. If Darth intercepts the mail with Alice’s padlock and replaces it with his own padlock, Bob will lock the box with the wrong padlocks and Darth will be able to intercept the answer. Darth could then even lock the box again with Alice’s padlock and forward box to Alice. That way, she will never notice that the message got intercepted. This illustrates that it is very important to obtain public keys (the padlocks) from a trusted source.

Related Questions

Consider the following hypothesis test. H 0 : 1 - 2 = 0 H a : 1 - 2 0 The follow
Question #3223183
Consider the following hypothesis test. H0: 1 - 2 0 Ha: 1 - 2 > 0 The following
Question #3125350
Consider the following hypothesis test. H0: 1 - 2 = 0 Ha: 1 - 2 0 The following
Question #3363870
Consider the following hypothesis test. H0: 10 Ha: < 10 The sample size is 120 a
Question #3441806
Consider the following hypothesis test. H0: µ1 - µ2 0 Ha: µ1 - µ2 > 0 The follow
Question #3145732
Consider the following hypothesis test. H0: µ1 - µ2 0 Ha: µ1 - µ2 > 0 The follow
Question #3145733
Consider the following hypothesis test. H?: ? ? 0.55 H?: ? < 0.55 Compute the te
Question #1098723
Consider the following hypothesis test. H_0: sigma_1^2 = sigma_2^2 H_a: sigma_1^
Question #3241482
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Consider the following hypothetical: you have entered into a contract to purchas
Next
Consider the following idealized WiMAX scenario. The downstream sub-frame (see F

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.