solution homework 03

Security in Computing (3rd Edition)

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
CS 161 Computer Security Fall 2005 Joseph/Tygar/Vazirani/Wagner HW 3 Solution 1. (5 pts.) Any questions Any constructive response is given full credit. 2. (20 pts.) Zero knowledge (a) Simulator: i. Pick a random R ( mod N ) . ii. Let S = R e ( mod N ) . iii. Output the following transcript: step 1: Bob sends S to Alice step 2: Alice sends R to Bob step 3: Bob accepts The distribution on the output of Simulator is exactly the same as the distribution on the tran- script obtained by running honest-Alice + honest-Bob together. (b) You need to give an example of a dishonest-Bob that cannot be simulated. Here is one example. Suppose Bob always sends the same value 2 to Alice. Alice will respond with 2 d ( mod N ) . Note that this is a value the simulator cannot emulate: the simulator does not know d , and the security of RSA signatures means that the simulator cannot forge a signature on arbitrary messages (i.e., cannot compute 2 d ( mod N ) without knowledge of d ). Consequently, in this example Bob has
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 2

solution homework 03 - CS 161 Fall 2005...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online