Lecture 8: Public Key Encryption, Hashing

• Notes
• Sp20 Slides
• Playlist (length: 1:07:18)

El Gamal Padding

(True/False) The padding scheme presented only works if the message size is less than or equal to the number of plaintext bits

False. It’s stricly less than.

Hybrid Encryption

(True/False) Hybrid encryption works by using symmetric encryption to encrypt a message, and encrypting the symmetric key with asymmetric encryption.

True.

El Gamal Security + Asynchronous Encryption

(True/False) El Gamal is secure if the Discrete Log problem holds

False. El Gamal relies on a slightly stronger assumption described in this lecture clip (called Computational Diffie Hellman)

El Gamal Intuition

Which two cryptographic techniques/protocols is El Gamal built on?

The one-time pad and Diffie Hellman key exchange

Cryptographic Hash Functions

(True/False) Given a cryptographic hash function and some x, it is hard to find x' such that H(x) = H(x')

True. This condition is an implication of collision resistance referred to as second pre-image resistance

Hash Function Applications

(True/False) The application presented relies on the one-way property of a cryptographic hash function

False. One-way doesn’t matter here since the file is public. We care about collision resistance to guarantee integrity of the file.

Integrity and Authentication

(True/False) Encryption only gives you confidentiality but not integrity or authentication.

True.

Message Authentication Codes (MACs)

(True/False) MACs ensure confidentiality and integrity

False. MACs do not ensure confidentiality.

AES-EMAC

(True/False) AES-EMAC is a secure MAC even if the k1 and k2 are identical

False. This is vulnerable to a forgery attack as Raluca explained

Authenticated Encryption

(True/False) If the MAC is over the plaintext message instead of the encrypted message, the described scheme still provides confidentiality, integrity, and authentication.

False. The MAC might leak the message violating confidentiality