{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

# 6th - CSci 5471 Modern Cryptography Spring 2010 Homework#6...

This preview shows pages 1–2. Sign up to view the full content.

CSci 5471: Modern Cryptography, Spring 2010 Homework #6 Yongdae Kim Due: Apr 20th (Tuesday) 9:00 AM Show all steps. Please ask any questions, if the problems are not clear. 1. ElGamal vs. Diffie-Hellman Algorithm (30 pt total) Suppose you have an algorithm A that breaks ElGamal en- cryption. In other words, given legitimate ciphertext ( r, c ) of a plaintext m with parameters g, p, q , A can computes m without knowing the private key. More formally, for a given ( r, c, y, g, p, q ) , A outputs m . Mathematically, you can write A ( r, c, y, g, p, q ) m for any ( r, c, y, g, p, q ) where Public information: q is a 160-bit prime number and p is a 1024-bit prime number satisfying q | p - 1 . g is a generator of a subgroup G of Z * p . Public key of a user is y where y = g x (mod p ) . ElGamal ciphertext: ( r, c ) where r = g k (mod p ) with a random integer k and c = my k (mod p ) where m is a message. Show that you can break a Diffie-Hellman key agreement protocol using this algorithm. More formally, show that using this algorithm you can compute g xy (mod p ) for any ( g x (mod p ) , g y (mod p ) , g, p, q ) . (Hint) You need to manipulate input of the algorithm A so that it will output Diffie-Hellman key you want to compute. 2. Strong Password-based Authentication (30 pts) Let S be Alice’s password, p be a large prime, g be an element of Z * p whose order is a prime q ( p = kq + 1 ), h be a cryptographically secure hash function with 160 bit output.

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

### Page1 / 2

6th - CSci 5471 Modern Cryptography Spring 2010 Homework#6...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document
Ask a homework question - tutors are online