This commit is contained in:
parent
0b78d472b6
commit
3ba9a63d96
10
cw/cw.tex
10
cw/cw.tex
|
|
@ -210,7 +210,7 @@
|
|||
When the message has a bigger size than one block, the scheme still has data confidentiality because the message can still not be decrypted without knowing the key. But it has no longer data integrity because the attacker can change the message in such a way that it would generate a hash collision; therefore the receiver could not prove that the information that was received was not sent that way by the sender; therefore the encryption system does not have data integrity.
|
||||
|
||||
\section*{6}
|
||||
\subsection*{6.1}
|
||||
\subsection*{Senario 1}
|
||||
\subsubsection*{6.1.1}
|
||||
Bob can check if the equation holds then Bob knows that Alice signed the Contract
|
||||
$$h = H(g^s\times y^h \text{ mod } p || C)$$
|
||||
|
|
@ -232,7 +232,7 @@
|
|||
a = \frac{s' - s}{h - h'}
|
||||
$$
|
||||
|
||||
\subsection*{6.2}
|
||||
\subsection*{Senario 2}
|
||||
\subsubsection*{6.2.1}
|
||||
To sign a contract $C$ Alice first chooses 2 random values $r$ and $c_2$ then $z$ is calculated $z=g^r\times y_b^{c_2}$. After we have $z$ we can calculate the intermediary value $c$, $c = H(y_a, y_b, C, z)$. After having $c$ we calculate $c_1$, $c_1 = c - c_2$. $c_1$ is then used to calculate $s = r - c1 \times a mod q$. The signature is $(c_1, c_2, s)$
|
||||
|
||||
|
|
@ -246,7 +246,7 @@
|
|||
\subsubsection*{6.2.4}
|
||||
No, because the signature is generated from multiple public keys and Alice's private key; therefore Chris will not be able to tell who signed the contract
|
||||
|
||||
\subsection*{6.3}
|
||||
\subsection*{Senario 3}
|
||||
\subsubsection*{6.3.1}
|
||||
The encryption works because the numbers that were chosen by Alice and Bob make this equation work
|
||||
$$(m^{r_a})^{r_b} = m (\text{mod } p)$$
|
||||
|
|
@ -278,9 +278,7 @@
|
|||
\subsubsection*{6.3.4}
|
||||
If the discrete logarithm problem is easy to solve, then Elgamal is also easy to solve. While for this case, the being able to solve the discrete logarithm problem does not help an attacker with breaking the algorithm; because the attacker only knows the result of the exponentiation and does not know the value of the base. This is not the case with Elgamal, where the base is publicly known.
|
||||
|
||||
The Diffie-Hellman problem also does not apply, since that problem relies on. If we know $g^x$ and $g^y$ being able to figure out $g^{xy}$ but in this case the problem is slightly different. It is being able to figure out $(g^x)^y$.
|
||||
|
||||
Therefore, this crypto system can not be broken by being able to break the discrete logarithm problem
|
||||
The Diffie-Hellman problem also does not apply, since that problem relies on. If we know $g^x$ and $g^y$ being able to figure out $g^{xy}$ but in this case the problem is slightly different. In this case the base, $m$ is not public therefore being able to solve the Diffie-Hellman problem, does not help with this encryption problem.
|
||||
|
||||
|
||||
\section*{7}
|
||||
|
|
|
|||
Reference in New Issue
Block a user