**Task 1. Cryptanalysis**

Let πΈππ be an encryption algorithm based on a one-way function πΉ , and π a shared secret key between the sender and the receiver. πΈππ works as follows:

1. Compute πΎ = πΉ(π)||πΉ(2π)||πΉ(3π)||πΉ(4π)||.. ;

2. For a message π, the ciphertext is computed as πβ¨πΎ (i.e., one-time pad).

Assume that an eavesdropper knows the function πΉ but does not know the secret key π.

a) Suppose πΉ is defined as πΉ(π₯) = π π₯ πππ π where p is a 1024-bit prime number and π is a generator of ππβ . Assume that the discrete logarithm problem cannot be solved in the group ππ β . The secret key π is chosen randomly from ππβ1 . Show that the eavesdropper can decrypt the whole message easily once after obtaining π, π, and the first 1024 bits of the plaintext-ciphertext pair.

b) Suppose πΉ is an RSA function, that is πΉ(π₯) = π₯ π πππ π where n is 1024-bit long. Assume the RSA problem cannot be solved in the group ππ β, and r is chosen randomly from ππ β . Show that the eavesdropper can decrypt the

message easily once after obtaining n, e, and the first 1024 bits of the plaintext-ciphertext pair.

**Task 2. Shamir Secret Sharing**

In this section, you are to design and implement (t, n) Shamirβs secret sharing scheme as described in the lecture in C++, Java or Python. Your program should be called SSS.cpp, SSS.java, or SSS.py and it comprises at least the following functionalities:

β’ Share Generation: to generate shares in the (t, n) Shamirβs secret sharing scheme. As a hint, you should at least accept the secret, t, n and the modulus in the parameter.

β’ Share Reconstruction: to reconstruct the secret from the given shares in the (t, n) Shamirβs secret sharing scheme.

In this part, you need to explain your design first in file Task2.pdf to explain the logic of your functions. As usual, you need to take the screen capture of the sample run of your program and put it in Task2.pdf as well.

**Task 3. ElGamal Signature with SHA-1**

In this section, you are to implement an ElGamal signature scheme, where the message will need to be first hashed with the SHA-1 algorithm. The algorithm for SHA-1 is available online, for example at:

In your report for this section, you will need to quote any algorithm where you download online and cite it accordingly, instead of stating that it is written by you. The program is divided into three parts:

β’ Keygen: this part is to generate the private and public key for ElGamal algorithm and store it in a file called πππ¦ππππ.π‘π₯π‘.

β’ Sign: this part is to sign a text file given as an input. In this mode, the program will ask for the name of the text file, then read the private key from πππ¦ππππ.π‘π₯π‘ for signing. Prior to signing the file, the program will compute the hash of the file using SHA-1, then sign it to produce π ππ.π‘π₯π‘.

β’ Verify: this part is used to verify the signature in π ππ.π‘π₯π‘ for the file, using the public key from πππ¦ππππ.π‘π₯π‘.

You need to structure your program using the possible inputs given as the parameter of the program. This part needs to be written in Java, C++, or Python. This part will need to be submitted with the filename ElGamalsign (with .cpp, or java, or py respectively), together with Task3.pdf containing your report detailing how to use the program.

**Task 4. Design of One-Time Signature Schemes**

A fail-stop signature scheme provides some extra protection to the system. An the unbounded adversary is an adversary who can solve a computationally hard problem, such as discrete logarithm problem and factorization problem.

Please refer to the following scheme:

Key Generation

Public Key:

π¦1 = π π1π¦ π2 (πππ π)

π¦2 = π π1π¦ π2 (πππ π)

π denotes a generator of ππ

β and π¦ is a random element from ππ

β. The private key is (π1,π2, π1,π2).

Signing

π1 = π1π + π1Β (πππ π)

π2 = π2π + π2 (πππ π)

where π|π β 1. The signature on π is (π1,π2).

The notation π|π β 1 means that π is a multiple of π β 1.

Verification

To verify (π,π1, π2 ), one does the following.

π¦1 ππ¦2 π π1 =? π¦ π2 (πππ π).

If the equation holds, then the signature is accepted. Otherwise, the signature is rejected.

Write a C++, Java or Python program to accomplish the task. You need to take the screen capture of the sample run of your program and put it in a file named

Task4.pdf. You need to submit both your source code and the report (Task4.pdf).

**5 Task 5. Implementing Ring Signature of 2 users**

In this task, you are to implement a ring signature for 2 users, as described in the lecture notes. The input files are the following:

β’ publickey.txt

β’ message.txt

The file publickey.txt has four lines, which indicates: π1 ,π1 ,π2 ,π2 from RSA algorithm. The message.txt contains a string of characters, which needs to be signed. You need to implement two programs: sign and verify. The sign program will sign the message (from message.txt) and read the public keys from publickey.txt. It will ask for one input, which is user 1 or user 2, who is the signer, and the program will ask for that userβs private key. Then, the sign program will output signature.txt.

The verify program will take an input of publickey.txt, message.txt and signature.txt and it will output True or False to show the verification of the ring signature.

The symmetric encryption should use the AES algorithm. You can import the AES algorithm from the existing library or use any implementation of AES algorithm (with 10 rounds) to do this.

You may implement you program using C++, Java, or Python. You need to take the screen capture of the sample run of your program and put it in a file named

Task5.pdf. You need to submit both your source code and the report (Task5.pdf).

**6 Task 6. Various Questions**

Answer the following questions. You do not need to implement any program for these tasks. These tasks are pen-and-paper exercises. Please show all your workings for Task 6.1 to 6.4. Answers without showing the workings, receive no mark.

1. Assume that the size of message space (domain) for a given hash function is 2 50. Also, assume that we want the chance of the adversary finding a collision to be at most 2 β30. What is the size of the hash (in bits) required?

2. Sign and verify the message π = 11 using the RSA signature when π = 59, π = 47, and π = 15.

3. Demonstrate that the RSA signature with the parameters given in Q2 is forgeable under chosen message attack with two messages π1 = 2 and π2 = 3.

4. Adam and Bob share the same modulus π = 21 for RSA, and encryption exponents ππ = 5 and ππ = 4 with πππ(ππ,ππ ) = 1 . Charlie sends them the same message π encrypted with ππ and ππ respectively, resulting in the ciphertexts ππ = 14 and ππ = 7. Eve intercepts both ππ and ππ , and applies a common modulus attack to recover the message π. What is the message π?

Write your answer in a file called Task6.pdf. You need to show all the key steps in order to obtain full marks. Submit Task6.pdf together with the other tasks in this assignment to Moodle.

##### Stuck with a lot of homework assignments and feeling stressed ?

Take professional academic assistance & Get 100% Plagiarism free papers

The post CSCI361: you are to design and implement (t, n) Shamirβs secret sharing scheme as described in the lecture in C++, Java or Python: Cryptography and Secure Applications Assignment, UOW appeared first on Singapore Assignment Help.