CNPA A
Security 1
We recall from earlier discussions the definition of a communication channel involving a sender (often
referred to as Alice), a receiver (often referred to as Bob) and an eavesdropper (often referred to as Eve),
and the processes of encrypting and decrypting data being sent between Alice and Bob. A message is often
referred to as plaintext prior to encryption and once encrypted it is referred to as ciphertext.
Question 1: In the space given below, draw a communication channel. Include on your diagram Alice, Bob,
Eve, a key source, plaintext and ciphertext.
Alice
Plaintext
Encrypt
KA
Bob
Ciphertext
Ciphertext
Decrypt
Plaintext
Eve
Eavesdropper
Key Source
KB
Question 2: Explain what is meant by a symmetric key cipher scheme. State two examples of a symmetric
key cipher scheme.
Answer: A symmetric key cipher scheme is one that involves a secret (sometimes called a private key
system since the key is kept private between the sender and receiver) key shared by the sender and
receiver of the encrypted data. Here KA = KB. Examples include the Vernam cipher (also known as the one
time pad), DES (the Data Encryption Scheme), and AES (the Advanced Encryption Scheme).
Question 3: Explain what is meant by an asymmetric key cipher scheme. Give two examples of a
mathematical problem that asymmetric key cipher schemes are reliant upon for their security.
Answer: An asymmetric key cipher scheme is one that involves a pair of keys, the first is referred to as a
public key whilst the second is referred to as the private key. Here KA = K B -1 the inverse of KA. The public key
is made available to all, for the purpose of encrypting plaintext messages intended for the owner of the pair
of keys. The private key, kept private (secret) to its owner, has the property that it is the inverse of the public
key, (in fact each key is the inverse of the other). The private key can therefore be used to decrypt any
incoming ciphertext that has been encrypted with the private keys corresponding public key. If the receiver
is the only one in possession of the private key, then in principle the receiver should be the only one able to
decrypt the ciphertext and obtain the original plaintext. Asymmetric key cipher systems are based on either
the IFP (integer Factorisation Problem) or the DLP (Discrete Logarithm Problem) which are perceived to be
NP difficult problems to solve.
Question 4: Show that for a group of n users, a symmetric key cipher scheme requires O(n2) number of keys
but that an asymmetric key cipher scheme only requires O(n) keys.
Answer: For a symmetric scheme, if each user generates n-1 symmetric keys for use in securing ‘secure’
ciphertext between themselves and the other members of the group there will be n(n-1) keys generated.
However, each pair of users will then have 2 symmetric keys, where only 1 key is necessary. The number of
keys required will therefore be 0.5n(n-1) keys. This sum is a quadratic in n which we describe in big O
notation as O(n2). For the asymmetric case each user will require 2 keys – a public key and a private key.
Since there are n users in the group and each requires 2 keys, it follows that 2n keys are required. This sum
is linear in n which in big O notation we write as O(n).
Question 5: Given plaintext 0110 0011 0110 0010 and symmetric key 1110 0011 0011 0111 what ciphertext
value will result from using the Vernam cipher?
Answer: the ciphertext value will be 1000 0000 0101 0101
Question 6: Define what is meant by a prime number. Hence express 351747000 as a product of prime
numbers. Give two examples of an asymmetric key algorithm.
Answer:
Definition Let p be a positive natural number greater than one. Then p is said to be prime if p has no
divisors. So p can only be divided exactly by 1 and itself.
351747000 = 23 x 32 x 53 x 112 x 17 x 19. Examples of asymmetric algorithms include RSA (the Rivest,
Shamir, Adleman algorithm), El-Gamal for finite fields, and for elliptic curves), and the MenezesVanstone Scheme. RSA is based on the IFP. The others are based on either the DLP or variations on the
DLP. Recall also that we have also met the Diffie-Hellman Key Agreement Protocol. This too was based
upon the DLP.
Question 7
Describe the RSA Algorithm. Given that (n, p, q, a, b) = (77, 7, 11, 11, 11) what ciphertext value is obtained
from the RSA algorithm for a plaintext value of 4? Verify that your ciphertext value is correct.
Answer
The RSA Encryption and Decryption Algorithm
n = pq where p and q are odd primes.
Plaintext and Ciphertext are expressed in terms of Zn. Calculations are carried out in Zn.
Keys are given by the 5-tuple k = (n, p, q, a, b) where ab = 1mod φ(n) with φ(n) = (p −1)(q − 1).
Bob’s public key is (n, b).
Bob’s private key is (p, q, a).
For plaintext x ∈ Zn encryption is given by the rule ek(x) = xb modn
For ciphertext y ∈ Zn decryption is given by the rule dk(y) = ya modn
For (n, p, q, a, b) = (77, 7, 11, 11, 11),
ek(4) = 4
11
3
4 2
2
2
mod 77 = 4 (4 ) mod 77 = 64 x 256 mod 77 = 64 x 25 mod 77 = 64 x 625 mod 77
= 64 x 9 mod 77 = 576 mod 77 = 37
8
3
2 4
2
4
dk(37) = 3711 mod 77 = 37 x 37 mod 77 = (37 ) x 37 x 37 mod 77 = 60 x 60 x 37 mod 77
2
2
= 3600 x 60 x 37 mod 77 = 58 x60 x 37 mod 77 = 53 x 60 x 37 mod 77 = 117660 mod 77 = 4
Question 8
Explain the difference between:
a) Using RSA as a digital signature tool and using RSA as an encryption/decryption tool
b) A key agreement protocol (such as Diffie-Hellman) and a key exchange protocol
Answer
a) We consider the case for Alice (sender) and Bob (receiver):

With a digital signature the idea is that Alice applies ‘her’ private key to the intended
transmission (be it plaintext, ciphertext or some part of the intended transmission) and then
sends it to Bob. So as an example Alice could apply her private key to the text ‘Hello, my name
is Alice’ and in so doing, scramble the text which she then sends to Bob. Alice is the only one
that has ‘her’ private key and so Alice is the only one that could have applied ‘her’ private key
to the text. Everyone has access to Alice’s public key and so everyone can apply Alice’s public
key to the scrambled text and in doing so obtain the original text, which in this example is
‘Hello, my name is Alice’. So this approach is a very good for indicating that a transmission is
from a particular sender, but terrible, in general, as an approach for keeping a secret since any
text encrypted with Alice’s private key can be read by anyone with access to Alice’s public key.
In the general case, everyone has access to Alice’s public key!

For encryption/decryption, the idea is that Alice applies Bob’s public key (which is available to
everyone) to the data (the plaintext) and then sends the resulting ciphertext to Bob. Bob in
theory, is the only one that has a copy of ‘his’ private key and so (in theory) is the only one that
can decrypt the received ciphertext to obtain the original plaintext. This approach is great (in
theory) for keeping secrets (we say maintaining confidentiality), but who sent the ciphertext?!
b) For a key agreement protocol, the key is not known until the very end of the protocol. With a key
exchange protocol the key is known by the sender at the beginning of the (sending) protocol