Custom essays: Security

. Digital signatures are widely discussed and used, thus it is important to understand what they are.
a. In an essay that does not need to be long, but needs to be detailed and clear, explain how Alice would sign a document; that is, explain exactly what would be computed to serve as her signature. Then, explain how Bob, or anyone else, would use Alice’s signature to verify the authenticity of the signed document and that it had not been altered since it was signed.
In asymmetric encryption, the process of signing the document is the following (assuming that Alice already has a pair of keys, public and private, and that Bob):
1. Alice should hash her message using an established hash algorithm (generally, it is MD5)
2. Message hash should be encrypted using Alice’s private key: this is Alice’s digital signature for this particular message
3. Alice’s digital signature should be added to the document and sent to the recipient (e.g. Bob)
The process of verifying digital signature, assuming that Bob already has Alice’s public key, is the following:
1. Bob needs to calculate current hash value of the message using the same algorithm as Alice did (here we also suggest that their encryption systems use one method of hashing)
2. Alice’s digital signature is decrypted using Alice’s public key; thus, the original hash value is obtained
3. Bob should compare current hash value and original hash value. If they coincide, it is a proof of authentication and message integrity.
If two hashes are equal, integrity is evident: if the message was altered, hashes would be different. Also, authentication is guaranteed because Alice is the only person who could use her private key to encode the original hash, and decryption using Alice’s public key led to the correct result. Thus, digital signature allows the recipient to check integrity and authenticity of the message knowing only public key of the sender.
b. A paper document can be signed by two parties. Explain how two parties could put their digital signatures on a digital document.
When two or more parties need to sign one digital document, a sequential procedure is applied. Multi-signature schemes can be divided into two types: RSA- and DLP-based (Schneier, 2000). These schemes assume that the message is fixed before the process of signing starts, and that the order of signers is also fixed. The first party adds personal digital signature to the document. The other party signs on the message plus previous signature. The verification needs to be performed in a reverse order (Stinson, 2006).
3.a. The Diffie-Hellman key agreement (also called the Diffie-Hellman key exchange) is not an encryption algorithm. What is it used for?
Diffie-Hellman key exchange allows two correspondents to create a secret key. The advantage of this method lies in the fact that two parties which have no knowledge about each other each select arbitrary numbers (following a special mathematical procedure) and Diffie-Hellman scheme allows them to create a secret key for encrypting their messages. This key is unknown by both parties, since they possess only parts of this key. Thus, this key agreement might by used for establishing a secret communication channel while using a public network or other means of communication (Lewand, 2000).
The procedure is the following: Alice and Bob agree on two numbers, one prime number P and base number G, which is primitive root modulo P, i.e. for every integer a with gcd (a, p) = 1 there is an integer k such that G^k is identical with a (mod P) (Stinson, 2006). Then Alice chooses a secret number A, and sends to Bob AA = G^A mod P. Bob, in his turn, also selects a number B, and sends Alice BB = G^B mod P. After that, Alice and Bob can calculate the desired secret key S: Alice needs to compute S = BB^A mod P, and Bob should calculate S = AA^B mod P. They will essentially receive the same number in the end, because G^(AB) mod P = G^(BA) mod P. At the same time, secret A and B numbers are known only to their owners.

3.b. Illustrate the steps in the Diffie-Hellman key agreement with a numerical example using manageably sized numbers.
Illustration of Diffie-Hellman key agreement:
1. Selection of prime number (Alice and Bob together): let it be P=23
2. Selection of base value (Alice and Bob together): G=5
3. Alice’s choice of secret number: A = 6
4. Alice computes AA to send to Bob: AA = G^A mod P =5^6 mod 23 = 15 625 mod 23 = 8
5. Bob’s choice of secret number: B=15
6. Bob computes BB to send to Alice: BB = G^B mod P = 5^15 mod 23 = 30 517 578 125 mod 23 = 19
7. Alice obtains the key: S = BB^A mod P = 19^6 mod 23 = 47 045 881 mod 23 = 2
8. Bob obtains the key: S = AA^B mod P = 8^15 mod 23 = 2.

References
Lewand, Robert Edward. Cryptological Mathematics. Mathematical Association of America, 2000.
Panko, Raymond R. Corporate computer and network security. Pearson, 2009.
Schneier, Bruce. Secrets and lies: digital security in a networked world. John Wiley, 2000.
Stallings, William. Cryptography and Network Security: Principles and Practice. Prentice Hall, 2010.
Stinson, Douglas Robert. Cryptography: theory and practice. Chapman & Hall/CRC, 2006.