c
 


cc
   



Chapter 3 Review Questions

3.1 List three approaches to message authentication.

1.| pessage authentication code (p C)

2.| One-way hash function

3.| Hp C

3.2 What is a message authentication code?

n authentication technique that involves the use of a secret key to generate a

small block of data that is appended to the message.

3.3 Briefly describe the three schemes illustrated in Figure 3.2.

The message digest is encrypted using conventional encryption, public-key

encryption and a hash function to be authenticated.

3.4 What properties must a hash function have to be useful for message

authentication?

To be useful for messageauthentication, a hash function H must have the

following properties:

1.| H can be applied to a block of data of any size.

2.| H produces a fixed-length output.

3.| H(x) is relatively easy to compute for any given x, making both hardware

andsoftware implementations practical.

4.| For any given code h, it is computationally infeasible to find x such thatH(x) =

h. hash function with this property is referred to as one-way orpreimage

resistant
c
 


cc
   


÷.| For any given block x, it is computationally infeasible to find y != x withH(y) =

H(x). hash function with this property is referred to as second preimage

resistant. This is sometimes referred to as weak collision resistant.

6.| It is computationally infeasible to find any pair (x, y) such that H(x) = H(y).

hash function with this property is referred to as collision resistant. This

issometimes referred to as strong collision resistant.

3.÷ In the context of a hash function, what is a compression function?

compression function takes a fixed-length input and returns a shorter, fixed-

length output.

3.6 What are the principal ingredients of a public-key cryptosystem?

Plaintext: This is the readable message or data that is fed into the algorithminput.

Encryption algorithm: The encryption algorithm performs various transformations

on the plaintext.

Public and private key: This is a pair of keys that have been selected so that if

one is used for encryption, the other is used for decryption. The exact

transformations performed by the encryption algorithm depend on the public or

private key that is provided as input

Ciphertext: This is the scrambled message produced as output. It depends on

c
 


cc
   


the plaintext and the key. For a given message, two different keys will produce

two different ciphertexts.

Decryption algorithm: This algorithm accepts the ciphertext and the matching

key and produces the original plaintext.

3.7 List and briefly define three uses of a public-key cryptosystem.

1. Encryption/decryption

2. Digital signature

3. Key exchange

3.8 What is the difference between a private key and a secret key?

The difference is the private key remains private to be used by one person to

encrypt and decrypt and the public key is for anyone to use to that has it.

3.9 What is digital signature?

digital signature is an electronic signature that can be used to authenticate the

identity of the sender of a message or the signer of a document, and possibly to

ensure that the original content of the message or document that has been sent

is unchanged.