Sie sind auf Seite 1von 10

Project

For Skill’s Development of ICT Engineers


Targeting Japanese Market

February 2018 Model Exam


Solution of AM Question # 21

Solution Provided By:


Shaheer Mahdi Jilanee, Lecturer
Dept. of CSE, The University of Asia Pacific (UAP)
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

QUESTION:
By carrying out the processing shown in the procedure, which of the
followings can the recipient B do in addition to detecting the tampering of
messages?
• [Procedure]
• Processing of the sender A
• (1) Generate a digest from a message using a hash function.
• (2) Generate a signature of the message from the digest generated in
(1) by using the secretly retained own signature creation key.
• (3) Send the message and the signature generated in (2) to the
recipient B.
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

QUESTION (CONT.):
• [Procedure] (Cont.)
• Processing of the recipient B
• (4) Generate a digest from the received message using a hash
function.
• (5) Verify the received signature using the digest generated in (4) and
the signature verification key of the sender A.
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

ANSWERS:
a. To confirm that the message is from the sender A
b. To identify the tampered parts of the message
c. To detect wiretapping of the message
d. To prevent leakage of the message
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

SOLUTION:
• Digital Signature: A digital signature is a mathematical scheme for demonstrating
the authenticity of digital messages or documents.
• Advantages:
• It verifies if the sender is legitimate.
• It verifies if the message was tampered with or not.
• Disadvantages:
• It cannot identify what part of the message was specifically tampered with.
• It cannot fix the tampered parts of the message.
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

SOLUTION (CONT.):
• Public Key Encryption: A digital signature is a mathematical scheme for
demonstrating the clandestinity of digital messages or documents.
• Advantages:
• Only the recipient can decrypt the message.
• Only the sender and recipient are privy to the contents of the message.
• Disadvantages:
• It cannot verify sender of the message.
• The sender cannot decrypt the message.
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

SOLUTION (CONT.):
• [Procedure At Sender, A]:
• Message → Hash Function → Digest → Encrypted → Signature
• Encryption is achieved via a Signature Creation Key (Private Key)
• Private Key: A private key is a tiny bit of code that is paired with
a public key to set off algorithms for text encryption and
decryption.
• A message and signature is sent to recipient, B.
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

SOLUTION (CONT.):
• [Procedure At Recipient, B]:
• Recipient B, receives a message and signature from sender, A.
• Message → Hash Function → Digest
• Signature → Decrypted → Digest
• Both digests are compared and if they match, the
correspondence is a success.
QUESTION NUMBER 21 MOCK EXAMINATION OF FEBRUARY 2018

SOLUTION (CONT.):
• Choosing The Correct Answer:
a.To confirm that the message is from the sender A
• The signature can only be decrypted using the public key of sender, A.
• We are guaranteed that the sender is legitimate as they had sender, A’s public key
encrypted by a private key.
b. To identify the tampered parts of the message
• This is not possible due to the limitations that public key cryptography presents us with.
c. To detect wiretapping of the message
• There exists no mechanism that can possibly detect this en route.
d. To prevent leakage of the message
• This is the responsibility of sender A, as they are the ones encrypting the message.
Thank You