In practice, it is sometimes desirable that both communication parties influence
ID: 3709247 • Letter: I
Question
In practice, it is sometimes desirable that both communication parties influence the selection of the session key. For instance, this prevents the other party from choosing a key which is a weak key for a symmetric algorithm. Many block ciphers such as DES and IDEA have weak keys. Messages encrypted with weak keys can be recovered relatively easily from the ciphertext.
Develop a protocol similar to the one above in which both parties influence the key. Assume that both Alice and Bob have a pair of public/private keys for the RSA cryptosystem. Please note that there are several valid approaches to this problem. Show just one.
Explanation / Answer
ANSWER
GIVEN BY
Alice and Bob then work independently:
Alice As
wish a bulky random number, XA < N. This is Alice's private key.
total YA = GXA mod N. This is Alice's public key.
switch public key's with Bob.
work out KA = YB^XAmod N
Bob AS
decide a large random figure, XB < N. This is Bob's private key.
subtract YB = G^XB mod N. This is Bob's unrestricted key.
swap public key's with Alice.
subtract KB = YA^XB mod N
Although Alice and Bob will really make a decision large values for N and G, I will use small standards for instance only;
let's use
N=7
G =3.
Alice AS
Choose XA = 2
compute YA = 32 mod 7 = 2
trade public keys through Bob
KA = 62 mod 7 = 1
Bob AS
Choose XB = 3
estimate YB = 33 mod 7 = 6
Exchange communal keys with Alice
KB = 23 mod 7 = 1
In this case in point, then, Alice and Bob will both hit upon the secret key 1 which is, to be sure, 36 mod 7 (i.e., GXAXB = 32?3).
If an eavesdropper (Mallory) was listen in on the in order exchange between Alice and Bob, he would learn G, N, YA, and YB which is a lot of in turn but insufficient to finding the middle ground the key; as long as XA and XB remain unheard of, K is safe. As said above, conniving Y = GX is a lot easier than finding X = logG Y.