Essay on Questions and Answers

1. NoMining Inc. is trying to create an email server that allows its users to keep control of their emails. This means that the company stores only encrypted emails, does not have a way to peak or mine user emails, generate ads, spy, leak, etc. You have been hired to lead the project. Design an approach to accomplish the task. Analyze its pros and cons. Hint: you can use any combination of symmetric, asymmetric, and hash.

Answer.

In this situation, it can be useful to combine hashing and asymmetric encryption. The scheme is the following: a local client (application or even a web service on the local machine, depending on the requirements of the project) generate a key pair: public and private key. This pair of keys is individual for every user, and these keys will be used for data encryption, verification of message identity and authentication in the process of exchanging messages. The user’s public key is available to all people willing to send him a message, public key is verified at the server as the key associated with this particular user. Private key is kept on the user’s computer and should not be known to any other people. The process of exchanging messages will be the following: if Bob would like to send a message to Alice, he uses Alice’s public key to encrypt the message. Before encrypting the message, he also takes the hash of the message, and encrypts this message with his own private key (here it is assumed that Alice can access Bob’s public key, and vise versa). Then, Bob takes the message encrypted by Alice’s public key and adds the hash of this message, encrypted by own private key. All this is performed locally, and the e-mail message located on the server will store these two encrypted parts.

When the message comes to Alice, she can decrypt hash sent by Bob using his public key, and then decrypt the message using her private key. If the hash of this message appears to be equal to the decrypted version of hash ciphered using Bob’s key, then Alice can be sure that the message really came from Bob, the integrity of the message can be verified (since hash values are identical), and she can also be sure that no one on the server can access her e-mail (since her private key is known only to her). In this situation, the company does not have a way to mine or peak user e-mails, nor can it generate ads and add them to user e-mails.

This system of encryption has a lot of advantages; however, there are several disadvantages of such encryption system as well. First of all, for new contacts there should be some authority verifying their identity (and the identity of their public key). In the current model, this authority is the organization managing the e-mail server; however, if this organization becomes unreliable, other methods of authorizing keys will be needed. Also, multiple keys should be stored on the user’s computer (or account). Additional difficulties are related to private key and its storage: if the user would like to access secure e-mails from different accounts, he or she will have to copy the private key to the other device, which will increase the vulnerability of this key. However, the higher security is, the greater the challenges to the convenience of the system grow, and these disadvantages are the consequence of improved security.

2. Obtain manufactures’ specification on two current cryptographic products for the same algorithm, such as AES, DES, a proprietary algorithm from the manufacturer, or some other algorithm. The products should have different implementations, such as one in hardware and the other software, or one on a smart card and one in software. Determine the amount of time it would take to encrypt a block of characters of some modest size (for example, 3,000 characters) with each

Answer.

In this comparison, the implementation of AES algorithm in a field programmable device (FPD) is compared to the software implementation of AES algorithm based on C++ (Rijndael Reference Implementation) (Daemen and Rijmen 13). Hardware implementation was done basing on the Celoxica RC1000 hardware platform, using parallel architecture (functions of the algorithm were performed independently) (Mali and Novak and Biasizzo, 268).

Encryption of a plain text of 3,000 characters would approximately take 0.7 ms for hardware implementation, and 16.50 ms for software implementation (here only the time spent on encryption is measured) (Mali and Novak and Biasizzo, 268). This, AES hardware encryption is executed approximately 29 times faster than encryption implemented as software Rijndael solution.

3. NoPlainStorage Inc. is trying to create a storage server that will allow users to upload their encrypted files, store it and retrieve it. The company will have no way out to find out what users are storing. The company targets sets of user where one or more users will be uploading the same file (mp3, etc.). The company plans to create an approach which will store the encrypted files only once. Remember, for different keys the cipher text will be different, even if the plain text is the same. So if two users are uploading MJ.mp3 both will be uploading two different encrypted MJ.mp3 files. You have been hired to lead the project. Devise an approach that will allow the company to successfully complete the project. Hint: you can use any combination of symmetric, asymmetric, and hash.

Answer.

To implement this system, all three approaches will be needed: symmetric encryption, asymmetric encryption and hashing. The approach will be implemented in the following way: there will be a local client or an extension of the web service working on the local computer of the client, which will perform manipulations related to encryption and hashing, and will be used to manage asymmetric keys. It is assumed that each user has a pair of asymmetric keys which are generated when this client is launched for the first time. Public key is sent to the server, while private stays on the user’s computer and should not be known by anyone.

When the user chooses a file for upload, the hash of the file will be first of all sent to the server. There will be a table of hash meanings for the files which are already stored on the server (the probability that hash values for different files will be equal is very low, so it is possible to identify files basing on the values of their hashes).

If the hash sent by the user is not found in the table (the uploaded file does not exist on the server), then a new directory for storing this file should be created (most likely, with the name of the folder the same as the hash value for this file), and a symmetric key for encrypting this file will be generated. The symmetric key will be generated once for every file, and will be stored on the server in a protected form; this key will be protected using a 256-bit access code, specific for each user (the access code will be generated according to specific numeric rules, e.g. it will take a 248-bit inverted data sequence from the encrypted file, starting with a random bit number indicated in the first byte of the code). On uploading the file to the server, the client side will receive a newly generated access code encrypted by the user’s public key. In this case, in order to access the file, the user will be able to decrypt the access code using his private key, then he could get the symmetric key using personal access code, and finally he will be able to decode the file, using the symmetric key.

When another user would like to upload a file with similar has value, the process will be the following: once the hash is found in the table, a new access code is generated on the server and encoded by the second user’s public key. The user will be able to access the file (without actually uploading it) after decoding the access key by his private asymmetric key, reaching the symmetric key using the access code, and deciphering the file with the symmetric key.
In this scheme, the symmetric key is never openly stored on the server, and the users have access to the same file using personal encryption for the access codes, and common encryption for the file stored at the server.