## Homework 2

This homework is focused on cryptography.

Overview

• Due Date: Monday, November 4, 5pm.
• Group or Individual:  Do this assignment as an individual.  But you are allowed to talk with others in advance of actually doing the assignment.
• How to Submit:  Submit a PDF to Catalyst.  Your assignment does not need to be entirely typed / developed with computer software.  You could hand-write your assignment, and hand-draw some diagrams, and then submit a PDF scan of your hand-written assignment.

Q1 (example question).  Describe in your own words (or words plus a picture) how someone might use a symmetric encryption scheme to encrypt a message.  Also describe in your own words (or words plus a picture) how someone might use a symmetric encryption scheme to decrypt a message.

A1 (example answer).  (We are answering this question for you, so that you can get a sense for what type of answers we are looking for.)  A symmetric encryption scheme is designed to protect the privacy of messages communicated between Alice and Bob.  Both Alice and Bob share the same secret key K.  Alice encrypts the message by running the encryption algorithm with key K and the message M as input, to get a ciphertext C.   Bob decrypts the ciphertext by running the decryption algorithm with key K and ciphertext C as input, to get back the original message M.

Q2.  Describe in your own words (or words plus a picture) how someone might use a symmetric message authentication scheme to authenticate a message.  Also describe in your own words (or words plus a picture) how someone might use a symmetric message authentication scheme to verify the authenticity of a message and tag pair.

Q3.  Describe in your own words (or words plus a picture) how someone might use an asymmetric encryption scheme to encrypt a message.  Also describe in your own words (or words plus a picture) how someone might use a asymmetric encryption scheme to decrypt a message.

Q4.  Describe in your own words (or words plus a picture) how someone might use a digital signature scheme to authenticate a message.  Also describe in your own words (or words plus a picture) how someone might use a digital signature scheme to verify the authenticity of a message and tag pair.

Q5.   Describe in your own words the role of a cryptographically secure pseudorandom number generator (PRNG).

Q6.   Give an example of why we desire cryptographically secure PRNGs over classical PRNGs.

Q7.  Explain why we use a password-based key derivation function to derive a symmetric key from a password, rather than simply use the password as the key for a symmetric encryption scheme or MAC.

Q8.  Compare and contrast a symmetric encryption scheme with an asymmetric encryption scheme.  How are they similar?  How are they different?

Q9.  (This is a repeat from the in-class worksheet.  The goal here is to apply the tools that you have already learned.  There may be multiple right answers.  If you have to make any assumptions, make those assumptions explicit.)

Using the cryptographic building blocks that you’ve already learned about, give the steps involved when Alice sends a (long) encrypted message to Bob.  Consider only encrypting the message with Bob’s public key (you don’t need to sign it with Alice’s private key).

Also give Bob’s steps for decrypting the message.  Bob’s private key is stored encrypted, under his passphrase, on his computer.