For this Question, you examine the security of public key encryption schemes. Do
ID: 3726533 • Letter: F
Question
For this Question, you examine the security of public key encryption schemes.
Do you believe that RSA is unconditionally secure?
What is needed to break the RSA scheme?
What is the difference between RSA security and AES security?
What is the performance difference between the RSA scheme and AES scheme for similar security levels?
How do you use RSA and AES in your daily practice (e.g. in SSL or VPN protocols)?
If you were to develop a secure online e-commerce service, how would you use RSA and/or AES?
Explanation / Answer
Do you believe that RSA is unconditionally secure?
Ans. In the case of RSA, if someone were to prove that integer factorization was as difficult as we currently think it is, and prove there were no other assumptions or flaws in the system, then RSA would be unconditionally secure. Unconditional security removes the requirement of infinite computing power, and relaxes it to impossible in the physical universe.
What is needed to break the RSA scheme?
Ans. We can use any of there methods
Method 1 Factoringi n: Sincethe factors of n would give away (n) and therefore d, a cryptanalyst would break the code if he factored n.
Method2 Computing (n) without factoring n.:
This method would break the system because if one could compute (n), then he could computed as the multiplicative inverse of the publicly revealed e modulo (n).
Method 3: Determining d without factoring n or computing (n).: Should one try to find a d which is equivalent to the secret d, and if such values d were common, then a brute-force attack could crack the code. However, all such values d differ by the least common multiple (lcm) of (p 1) and (q 1), and here is why. Since, by arithmetic modulo (n) we have e · d = 1(mod (n)) , then indeed e · kd0 = 1 (mod k · (n)) for an integer k, and setting k = 1, we obtain the orgiinal equation. Seeing that since (n) = (p 1) · (q 1) and k · (p 1) · (q 1) = lcm((p 1),(q 1)) when k = 1, then indeed (n) = lcm((p 1),(q 1)).
What is the difference between RSA security and AES security?
Ans. On the basis of security AES scheme is more secure than RSA scheme. Because AES has 10 to 14 rounds of encryption.
What is the performance difference between the RSA scheme and AES scheme for similar security levels?
Ans. The required key length needed by various encryption algorithms in order to achieve a level of security comparable to a specified RSA key length (e.g., to achieve the same level of security provided by 2048-bit RSA encryption, AES requires only a 112-bit key). The longer key lengths of RSA and discrete log will also require additional bandwidth for public key transfer, and no additional bandwidth overhead is required for AES. So on the basis of performance AES is good than RSA.
How do you use RSA and AES in your daily practice (e.g. in SSL or VPN protocols)?
Ans. SSL: To start a TCP/IP (the Internet protocol) connection between a web browser
(client) and a secure web server, SSL engages a security agreement (handshake).
The handshake enables the client and server to agree on the level of security to be
used. The handshake includes checking the server's digital certificate. Digital
certificates are electronic files (containing user name, user's public key, and name of
Certification Authority (CA) issuing the certificate and other attributes) that act as an
online passport. Digital certificates are issued by trusted third parties known as
certificate authorities such as VeriSign. Therefore, a digital certificate does connection
verifications between the server's public key and the server's identification. If this
initialization process is successfully done all data transmission between the client and
the server are encrypted by the RSA cryptosystem.
VPN :
A corporate employee, while traveling, uses a VPN to connect to his/her company’s private network and remotely access files and resources on the private network.
Home users, or private users of VPN, primarily use VPN services to bypass regional restrictions on the Internet and access blocked websites. Users conscious of Internet security also use VPN services to enhance their Internet security and privacy.
If you were to develop a secure online e-commerce service, how would you use RSA and/or AES?
Ans. RSA protocols SSL (Secure Socket layer) and SET (Secure Electronic Transaction). SSL can be used to develop secure connection with the server and SET can be used for secure transactions using cards.