Cryptography
- What are two different uses of public-key cryptography related to key distribution?
Public-key cryptography is used for encrypting messages, which allows one to send a message over an insecure channel. It is an encryption scheme that uses two mathematically related keys. The public key can be shared freely, making it convenient for users to encrypt messages (Bhandari, 2016).
Public-key cryptography is also used for digital signatures, which offer several security benefits. One is authentication: the assurance to recipients that the holder of the private key actually applied the signature (Boddewyn, 2016). Digital signatures also provide non-repudiation, preventing the holder of the private key from denying that he or she applied the signature. Digital signatures are also crucial for integrity: verifying the signature confirms that the present content is the same as the content that was there when the signature was applied.
- List four general categories of schemes for the distribution of public keys.
The four categories are public announcement of public keys, a publicly available directory, a public-key authority, and public-key certificates. With public announcement, users distribute their public keys to recipients directly, for instance through an email list or newly created groups (Campagna & Gueron, 2019). However, public announcement invites forgery, since anyone can create a key claiming to be someone else and broadcast it.
A public-key authority, on the other hand, improves security by tightening control over the keys distributed from the directory. Users are required to know the public key of the directory, and they need real-time access to the directory whenever keys are needed. A publicly available directory can achieve good security by having participants register with a public directory. The directory contains entries consisting of a name and a public key. Participants must register securely with the directory and must be able to replace their key at any time. The directory must be published periodically and must also allow electronic access. The major weakness of the public-key directory is that it is prone to forgery (Casal, Rasga, & Souto, 2018).
A public-key certificate normally provides the safest way for an organization to pass on its public key in order to make use of symmetric cryptography. A public-key certificate is issued by a trusted entity and establishes an identity for the bearer. Its major components are the issuer, the validity period, the subject, the subject's public key, and the signature (Chung, Georgiou, Lai, & Zikas, 2019).
- NIST defines the term crypto period as the time span during which a specific key is authorized for use or in which the keys for a given system or application may remain in effect. One document on key management uses the following time diagram for a shared secret key.
Explain the overlap by giving an example application in which the originator’s usage period for the shared secret key begins before the recipient’s usage period and also ends before the recipients’ usage period.
Key length is the most critical security parameter in most cryptographic functions. Both private and academic institutions recommend mathematical formulas for approximating the minimum key size needed to protect a system from rapid attacks.
These formulas are also implemented on a website that summarizes the reports of well-known organizations, allowing one to quickly evaluate the minimum key size required for a system. The techniques can also be compared for a required level of protection. The recommended lengths are designed to resist mathematical attacks (Costa, Figuerêdo, & Oliveira, 2017).
It is not valid. The function cannot be one-to-one, since the number of inputs is arbitrary but the number of outputs is 2 raised to n. There must exist some inputs that map to the same output.
- What is the role of a compression function in a hash function?
The compression function in a hash function mixes two fixed-length inputs and produces a single fixed-length output with the same size as the inputs (Dehnavi, 2018). The message blocks are then processed sequentially: each step takes the hash result so far and the current content block as input, and the final output is the hash value of the message. The compression function is the basic building block of the hash function, which consists of repeated applications of the compression function. Because the compression function has a fixed length, it is typical for the hash function to have collisions. The collision-free property means that it is hard for an intruder to find two input values with the same hash.
- It is possible to use a hash function to construct a block cipher with a structure similar to DES. Because a hash function is one way and a block cipher must be reversible (to decrypt), how is it possible?
A block cipher can be built out of many things. To use a hash function, the basic trick is to follow a Feistel structure, which is incidentally the structure used by DES. The hash function serves as the ‘F’ part, which combines a key and one half of the current block to produce a value that is XORed with the other half of the block. The benefit of the scheme is that the ‘F’ function is always invoked in the same direction for both encryption and decryption, so it never has to be inverted (Geuens, 2011).
Hatzivasilis (2017) has shown that the Feistel structure offers remarkable security with as few as four rounds, provided that the ‘F’ function is perfect and the block size of the cipher is big enough. However, a concrete hash function cannot be truly perfect, and a number of things can break even the best-thought-out cipher structure. Therefore, it is not advisable to build one's own crypto unless one is very sure of the process. Any mistake can lead to disappointing performance.
A hash function maps digital data of arbitrary size to a value of fixed size. A slight difference in the input to a hash function can produce a large difference in the output. A principle followed by all hash functions is that the input message is treated as a sequence of n-bit blocks. The input is processed one block at a time in an iterative procedure to produce an n-bit hash value.
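The Feistel construction described in this answer, as an added example that is not part of the original text: SHA-256 serves as the one-way ‘F’ function, and decryption is the same routine with the subkeys in reverse order. The 32-byte block size, the key schedule and all function names are assumptions made for illustration.

```python
import hashlib

HALF = 16     # bytes per half-block, giving a 32-byte block (assumed size)
ROUNDS = 4    # the round count mentioned in the text


def round_keys(key: bytes, rounds: int = ROUNDS) -> list:
    """Derive one subkey per round (a simple key schedule assumed here)."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]


def f(subkey: bytes, half: bytes) -> bytes:
    """Round function 'F': one-way hash of subkey || half, truncated to HALF."""
    return hashlib.sha256(subkey + half).digest()[:HALF]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, subkeys: list) -> bytes:
    """Run the Feistel network; F is only ever evaluated forwards."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be exactly %d bytes" % (2 * HALF))
    left, right = block[:HALF], block[HALF:]
    for k in subkeys:
        # New left is the old right; new right is old left XOR F(k, old right).
        left, right = right, xor(left, f(k, right))
    # Final swap of the halves makes decryption the same routine.
    return right + left


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return feistel(block, round_keys(key))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    # Same network, subkeys reversed: each round's XOR cancels itself out.
    return feistel(block, round_keys(key)[::-1])


if __name__ == "__main__":
    key = b"constructed demo key"
    plaintext = b"0123456789abcdefFEDCBA9876543210"   # constructed 32-byte block
    ciphertext = encrypt_block(key, plaintext)
    print(ciphertext.hex())
    print(decrypt_block(key, ciphertext))
```

The round function is never inverted: decryption recomputes the same F outputs and XORs them away, which is why a one-way hash is acceptable there.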
- What types of attacks are addressed by message authentication?
The attacks addressed by message authentication include sequence modification, timing modification, and content modification (Järpe, 2020). Protection against content modification ensures that the message is not tampered with. Protection against sequence modification prevents any changes to the sequence, while protection against timing modification prevents any delay of the messages. The timing attack happens when the attacker attempts to interfere with the cryptographic system by analyzing the time taken to execute the cryptographic algorithms.
Timing information, when combined with cryptanalysis, can increase the amount of information leaked. A content modification attack occurs when an intruder redirects the message to a different destination or changes the message on the targeted machine. Content modification can be carried out through either an active or a passive attack. In a sequence attack, the attacker hopes to correctly guess the sequence number that will be used by sending a sequence number to the host.
Message authentication counters these attacks by adding a more secure hash function, so that any modification can be detected as the attack happens. An attack can also be detected when the attacker tries to impersonate someone else (Kashefi & Wallden, 2017).
- What changes in HMAC are required in order to replace one underlying hash function with another?
The change required in HMAC to replace the underlying hash function with another is the removal of the existing hash function and its replacement with the other hash function (Kim, 2016). The MAC here is a message authentication code that uses a cryptographic key in combination with a hash function.
The hash function maps digital data of arbitrary size to a fixed size. The HMAC code is used to determine whether a message sent over an insecure channel has been altered, using a secret key shared between the receiver and the sender. HMAC does not encrypt the message: the sender computes the hash value for the original data and sends both the data and the hash value together (Kumar, 2019). The receiver also computes the hash value for the received message and checks whether the two computed values match. A match between the hash values from the sender's side and the receiver's side is a sign that the message is authentic.
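An added example (not from the original text) of what swapping the hash amounts to: the HMAC construction of RFC 2104 written once, with the hash selected by name, and checked against Python's standard `hmac` module. The key, message and function names are constructed for illustration.

```python
import hashlib
import hmac


def hmac_tag(hash_name: str, key: bytes, msg: bytes) -> bytes:
    """HMAC per RFC 2104; only hash_name changes when the hash is replaced."""
    def h(data: bytes):
        return hashlib.new(hash_name, data)

    block_size = h(b"").block_size        # 64 for SHA-256, 128 for SHA-512
    if len(key) > block_size:             # over-long keys are hashed first
        key = h(key).digest()
    key = key.ljust(block_size, b"\x00")  # then zero-padded to one block

    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = h(ipad + msg).digest()
    return h(opad + inner).digest()


def receiver_accepts(hash_name: str, key: bytes, msg: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(hmac_tag(hash_name, key, msg), tag)


if __name__ == "__main__":
    key = b"constructed shared secret"           # constructed sample key
    msg = b"transfer 100 to account 42"          # constructed sample message
    for name in ("sha1", "sha256", "sha512"):
        tag = hmac_tag(name, key, msg)
        same = tag == hmac.new(key, msg, name).digest()
        print(name, len(tag), "matches stdlib:", same)
    tag = hmac_tag("sha256", key, msg)
    print("genuine :", receiver_accepts("sha256", key, msg, tag))
    print("altered :", receiver_accepts("sha256", key, msg + b"0", tag))
```

The block size and digest length follow the chosen hash automatically, so sender and receiver only need to agree on the hash name and the key.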
- What is the difference between a message authentication code and a one-way hash function?
The difference between a message authentication code and a one-way hash function is that a hash function by itself does not provide message authentication (Lambert & Montemari, 2017). A secret key must be used in some way with the hash function to provide authentication. The code used for authentication, calculated with a secret key, is called a message authentication code. The other major difference is that while hashes are used to guarantee data integrity, a message authentication code guarantees both integrity and authentication. This shows that the code of the hash function is generated without any input from external sources.
A MAC uses the private key as an input to the hash function when generating the code (Shah & Qureshi, 2019). Message authentication codes and hash functions have different security requirements. A message authentication code must resist existential forgery under chosen-plaintext attacks to be considered secure. Moreover, a message authentication code is implemented differently from a one-way hash function: its algorithm is based on generating a hash code, with the extension that a private key must be used.
The other difference between a hash function and a message authentication code is that a hash function produces a digest from a message. With a cryptographically secure hash, it is mathematically infeasible to generate a message that produces a given digest (Trostle, 2018). A hash of a message usually provides information concerning the sender of a given message. If the hash of a message can be communicated securely, then a large message received over an insecure channel can be verified against it. A message authentication code, on the other hand, combines a shared secret key with the message so that the recipient can verify that the sender has the shared secret key and that a person who does not know the secret key could not have altered the message. Moreover, the message authentication code does not encrypt the message, as compared to a one-way hash function.
- What are the properties a digital signature should have?
The major characteristic of digital signatures is that they cannot be forged (Van Buren, Syed, & Mir, 2019), because only the signer can produce a valid signature for the associated message. There is also the property of authenticity, which concerns checking the validity of signatures. Another major property is non-reusability, which ensures that the signature used on one document cannot be used on another document. Another is non-repudiation, which ensures that a signer cannot deny having signed a document that bears their valid signature. There is also the property of integrity, which ensures that the contents have not been modified.
The non-reusability and unforgeability properties require secrecy of the keying material and the use of strong and secure cryptographic algorithms. The two properties require that the keying material and the algorithms be stored in a tamper-resistant device that is protected against attacks. The smart card issued for digital signatures contains hardware and software that provide the countermeasures required to protect against invasions such as buffer attacks, malicious code attacks, and power attacks.
The non-repudiation property depends on the security of the whole system. The security of the weakest component determines the overall security of the entire system, so the security of the entire system is taken into consideration when designing the security system. Even the strongest mechanism is normally tested before granting the proof of the possession. The only way that non-repudiation can be defeated is when the storage of the private key is not secure.
The authentication property can only be granted by ensuring the active participation of the signer in the transaction process. The signer's participation is normally ensured through possession of the smart card owned by the signer. Validating a secret code known to the signer also ensures that the signer participates in the transaction process. The personal identification number is normally kept secret together with the keying material and stored in the smart card.
- What requirements should a digital signature scheme satisfy?
A digital signature scheme should satisfy authentication, which makes it possible to see who signed the document (Vogt, 2018). It should also ensure uniqueness: as with a hand-signed document, the signature cannot be moved to other documents. Uniqueness ensures that every document has its own unique digital signature. The scheme must also satisfy the integrity of the signed document, proving that no changes can be made to a document that is already signed. The scheme must also ensure non-repudiation of the contents of the document, to prevent any waiver in the future.
- In what order should the signature function and the confidentiality function be applied to a message, and why?
It is always important to perform the signature function first, followed by the confidentiality function. In case of a problem, the message and the signature can be viewed by a third party. The signature function usually uses the private key of the sender to encrypt the hash and utilizes the private key of the recipient by the sender to the recipient to verify the message. In the confidentiality function, the private key of the receiver by the sender is normally used to encrypt the message while the public key of the receiver is normally used to decrypt the message. It is always important to perform the signature function before the confidentiality function in case the sender claims that the private key was lost or stolen and that another person forged the signature.
- What happens if a k value used in creating a DSA signature is compromised?
If k is compromised, then the private key might be exposed with either one or two signatures. There is always a way to recover the private key from a single signature by using straightforward algebra. The value of k is generated for each signature, so even if the same message is signed twice on different occasions, the signatures are always different.
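The algebra referred to above, as an added example that is not part of the original text: since s = k⁻¹(H(m) + x·r) mod q, anyone who learns k can solve for the private key x, which is why k must be secret, unpredictable and never logged or reused. The domain parameters are constructed toy values (p = 607, q = 101), far too small for real use, and the function names are assumptions.

```python
import hashlib

# Constructed toy DSA domain parameters: Q is prime and divides P - 1.
P, Q = 607, 101
G = pow(2, (P - 1) // Q, P)      # element of order Q in the group mod P


def h(msg: bytes) -> int:
    """Message hash reduced mod Q (toy-sized)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q


def public_key(x: int) -> int:
    return pow(G, x, P)


def sign(x: int, k: int, msg: bytes) -> tuple:
    """DSA signing equations with an explicit per-signature secret k."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (h(msg) + x * r) % Q
    return r, s


def private_key_from_k(k: int, msg: bytes, sig: tuple) -> int:
    """Rearrange s = k^-1 (H + x r) mod Q to get x = (s k - H) r^-1 mod Q."""
    r, s = sig
    return (s * k - h(msg)) * pow(r, -1, Q) % Q


if __name__ == "__main__":
    x = 57                                   # constructed private key
    k = 5                                    # the per-signature value that leaked
    msg = b"constructed sample message"
    sig = sign(x, k, msg)
    recovered = private_key_from_k(k, msg, sig)
    print("signature:", sig)
    print("recovered private key:", recovered)
    print("matches public key:", public_key(recovered) == public_key(x))
```

One signature plus its k is enough, so protecting k deserves the same care as protecting the long-term private key.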
- With DSA, because the value of k is generated for each signature, even if the same message is signed twice on different occasions, the signatures will differ. This is not true of RSA signatures. What is the practical implication of this difference?
DSA is used for signatures, while RSA is used for cryptography. The k value used in DSA needs to be different for each message, even if the message is the same. The major implication of the difference between DSA and RSA is that the attacker can always find the private key of the sender so easily while using DSA. Another major implication is that DSA is faster at encrypting and signing because the value of k is generated for each signature. RSA is faster at decrypting and verifying because each individual has an associated private key that no one else can access. This, therefore, allows for an identification that is positive and unique (Vogt, 2018).
References
Acknowledgment to Reviewers of Cryptography in 2019. (2020). Cryptography, 4(1). https://doi.org/10.3390/cryptography4010004
Bhandari, S. (2016). A New Era of Cryptography: Quantum Cryptography. International Journal On Cryptography And Information Security, 6(3/4), 31-37. https://doi.org/10.5121/ijcis.2016.6403
Boddewyn, J. (2016). International business–government relations research 1945–2015: Concepts, typologies, theories, and methodologies. Journal Of World Business, 51(1), 10-22. https://doi.org/10.1016/j.jwb.2015.08.009
Business Research: Definition, Methods, Types, and Examples | QuestionPro. QuestionPro. (2020). Retrieved 24 October 2020, from https://www.questionpro.com/blog/business-research/.
Campagna, M., & Gueron, S. (2019). Key Management Systems at the Cloud Scale. Cryptography, 3(3). https://doi.org/10.3390/cryptography3030023
Casal, F., Rasga, J., & Souto, A. (2018). Kolmogorov One-Way Functions Revisited. Cryptography, 2(2), 9. https://doi.org/10.3390/cryptography2020009
Chung, K., Georgiou, M., Lai, C., & Zikas, V. (2019). Cryptography with Disposable Backdoors. Cryptography, 3(3), 22. https://doi.org/10.3390/cryptography3030022
Costa, D., Figuerêdo, S., & Oliveira, G. (2017). Cryptography in Wireless Multimedia Sensor Networks: A Survey and Research Directions. Cryptography, 1(1), 4. https://doi.org/10.3390/cryptography1010004
Cryptography I. Coursera. (2020). Retrieved 31 October 2020, from https://www.coursera.org/learn/crypto.
Dehnavi, S. (2018). Further Observations on SIMON and SPECK Block Cipher Families. Cryptography, 3(1), 1. https://doi.org/10.3390/cryptography3010001
Geuens, M. (2011). Where does business research go from here? Food-for-thought on academic papers in business research. Journal Of Business Research, 64(10), 1104-1107. https://doi.org/10.1016/j.jbusres.2010.11.005
Hatzivasilis, G. (2017). Password-Hashing Status. Cryptography, 10 (2). https://doi.org/10.3390/cryptography1020010
Järpe, E. (2020). An Alternative Diffie-Hellman Protocol. Cryptography, 4(1), 5. https://doi.org/10.3390/cryptography4010005
Kashefi, E., & Wallden, P. (2017). Garbled Quantum Computation. Cryptography, 1(1), 6. https://doi.org/10.3390/cryptography1010006
Kim, K. (2016). Cryptography: A New Open Access Journal. Cryptography, 1(1), 1. https://doi.org/10.3390/cryptography1010001
Kumar, N. (2019). Practically Feasible Robust Quantum Money with Classical Verification. Cryptography, 3(4), 26.
Lambert, S., & Montemari, M. (2017). Business Model Research: From Concepts to Theories. International Journal Of Business And Management, 12(11), 41. https://doi.org/10.5539/ijbm.v12n11p41
Shah, T., & Qureshi, A. (2019). S-Box on Subgroup of Galois Field. Cryptography, 3(2), 13. https://doi.org/10.3390/cryptography3020013
Trostle, J. (2018). CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion. Cryptography, 2(4), 42. https://doi.org/10.3390/cryptography2040042
What is cryptography?. TechRadar. (2020). Retrieved 31 October 2020, from https://www.techradar.com/news/what-is-cryptography.
Van Buren, H., Syed, J., & Mir, R. (2019). Religion as a Macro Social Force Affecting Business: Concepts, Questions, and Future Research. Business & Society, 59(5), 799-822. https://doi.org/10.1177/0007650319845097
Vogt, A. (2018). Special Issue on Cryptographic Protocols. Cryptography, 2(3), 19. https://doi.org/10.3390/cryptography2030019