Assignment 5 Parisha Joshi 2Q : If the tangent is vertical then it will intersect at infinity, so 2Q = O. 3Q = 2Q +Q= O + Q = Q Ans 10.11) 4(a^3) + 27(b^2) mod 7 = 112 mod 7 = 0 This elliptic curve does not satisfy the condition and therefore does not define a group over Z 7 . Answer E 7 (2,1). y^2 = x^3 + 2x + 1, p = 7. x (x^3 + 2x + 1) mod 7 Square root mod 7 exists ? y 0 1 yes 1,6 1 4 yes 2,5

2 6 no 3 6 no 4 3 no 5 3 no 6 5 no Ans 10.16) a) RHS = S + kY A = M – kX A G + kX A G after substituting the values of S and Y A = M = LHS b) The imposter gets Alice’s public verifying key Y A and sends Bob M, k, and S = = M – kY A for any k.
a) Both A and B assume that the new key is shared. o A assumes that K’AB is shared with B because B chose it. Since the new key can only be decrypted y the old one A knows for sure that it was from B. o Same goes with B, B know that the old key is only owned by A so the new key can only be decrypted by A. o The new key is fresh and A knows that because it is generated by B with the nonce N A which was shared by A to B.

o B believes the new key is fresh because it was B itself who generated the new key. b) C can perform a man in the middle attack with A and B in following way: We assume C has the previous key K AB 1. C ->> B : A , N A 2. B ->>C : E(KAB,[NA, K’AB]) 3. C ->> A : E(KAB,[NA, K’AB]) 4. A ->> C : E(K’AB, NA) 5. C ->> B : E(K’AB, NA) c) The protocol can be modified in 2 ways The previous key should not be used to encrypt new key. This was if C get KAB it won’t matter.

