Knowee
Questions
Features
Study Tools

For each approach, state Secure or Insecure, and explain why that approach does or does not achieve the two desired notions of confidentiality described above.(a) Aldebaran computes c = Enc(pkB , m) and broadcasts (pkB , c). Borealis observes the broadcast containing their public key and obtains the message as m = Dec(skB , c). (b) Aldebaran computes cmsg = Enc(pkC , m), cdest = Enc(pkC , pkB ) and broadcasts (pkC , cmsg, cdest). Chandra observes the broadcast containing her public key. She then decrypts the des-tination address as pkdest = Dec(skC , cdest) and broadcasts (pkdest, cmsg). Borealis then obtains the message as m = Dec(skB , cmsg).

Question

For each approach, state Secure or Insecure, and explain why that approach does or does not achieve the two desired notions of confidentiality described above.(a) Aldebaran computes c = Enc(pkB , m) and broadcasts (pkB , c). Borealis observes the broadcast containing their public key and obtains the message as m = Dec(skB , c). (b) Aldebaran computes cmsg = Enc(pkC , m), cdest = Enc(pkC , pkB ) and broadcasts (pkC , cmsg, cdest). Chandra observes the broadcast containing her public key. She then decrypts the des-tination address as pkdest = Dec(skC , cdest) and broadcasts (pkdest, cmsg). Borealis then obtains the message as m = Dec(skB , cmsg).

...expand
🧐 Not the exact question you are looking for?Go ask a question

Solution

(a) Secure: This approach is secure because it achieves both notions of confidentiality. Firstly, it ensures that only the intended recipient (Borealis) can decrypt the message, as they are the only one with access to the corresponding private key (skB). This is known as confidentiality under chosen plaintext attack (CPA). Secondly, it also ensures that an eavesdropper cannot learn anything about the message, even if they know the public key and the ciphertext. This is known as confidentiality under chosen ciphertext attack (CCA).

(b) Insecure: This approach is insecure because it does not fully achieve the two desired notions of confidentiality. While it does ensure that only the intended recipient (Borealis) can decrypt the message (CPA confidentiality), it fails to protect against an eavesdropper learning information about the message (CCA confidentiality). This is because Chandra broadcasts the encrypted message (cmsg) along with the decrypted destination address (pkdest). An eavesdropper who knows Chandra's public key (pkC) could potentially decrypt the destination address themselves, and then use that information to decrypt the message.

This problem has been solved

Similar Questions

For each approach, state Secure or Insecure, and explain why that approach does or does not achieve the two desired notions of confidentiality described above.(e) Aldebaran computes cmsg = Enc(pkC, Enc(pkB, m)), cdest = Enc(pkC, pkB) and then broadcasts (pkC, cmsg, cdest). Chandra observes the broadcast containing her public key. She then computes c ′ msg = Dec(skC, cmsg), pkdest = Dec(skC, cdest), and broadcasts (pkdest, c′ msg). Lastly, Borealis observes a broadcast containing their public key, and obtains the message as m = Dec(skB, c′ msg)(d) Aldebaran computes cmsg = Enc(pkC, m), cdest = Enc(pkC, pkB) and broadcasts(pkC, cmsg, cdest). Chandra observes the broadcast containing her public key. She then computes m = Dec(skC, cmsg) and pkdest = Dec(skC, cdest). Lastly, she re-encrypts c ′ = Enc(pkdest, m) and broadcasts (pkdest, c′ ). Borealis identifies their public key in the broadcast and obtains the message m = Dec(skB, c′ ).

(e) Aldebaran computes cmsg = Enc(pkC, Enc(pkB, m)), cdest = Enc(pkC, pkB) and then broadcasts (pkC, cmsg, cdest). Chandra observes the broadcast containing her public key. She then computes c ′ msg = Dec(skC, cmsg), pkdest = Dec(skC, cdest), and broadcasts (pkdest, c′ msg). Lastly, Borealis observes a broadcast containing their public key, and obtains the message as m = Dec(skB, c′ msg).

Aldebaran computes cmsg = Enc(pkC, m), cdest = Enc(pkC, pkB) and broadcasts(pkC, cmsg, cdest). Chandra observes the broadcast containing her public key. She then decrypts the destination address as pkdest = Dec(skC, cdest) and broadcasts (pkdest, cmsg). Borealis then obtains the message as m = Dec(skB, cmsg).Is it secure?

1. (15 marks) One of the approaches below is ”secure”. For each approach, state Secure or Insecure, and explain why that approach does or does not achieve the two desired notions of confidentiality described above.

) The consortium decide to implement the final approach described in question 1, using Elgamal public key encryption with the following parameters: (p, g) = (103, 5). Aldebaran’s public key is pkA = 51, Borealis’ public key is pkB = 55 and Chandra’s public key is pkC = 38. Some time later, Chandra receives a different broadcast (38, cmsg, cdest) where cdest = (55, 10) and cmsg = (c1, c2) = ((101, 28),(90, 94)). i. (2 marks) Confirm whether or not Chandra’s public key corresponds to her secret key skC = 22. ii. (5 marks) Who is the final intended recipient of the message? (Hint: compute the Elgamal decryption Dec(skC, cdest) and compare with the known public keys.) iii. (6 marks) Hence, what does Chandra broadcast? (Hint: compute the Elgamal decryptions Dec(skC, c1) and Dec(skC, c2))

1/2

Upgrade your grade with Knowee

Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.