# CS作业代写 Week 6 Tutorial Sheet – cscodehelp代写

Week 6 Tutorial Sheet
Information Integrity and Authentication
IMPORTANT NOTES:
Study lecture materials at least 1 hour and prepare Q1-6 prior to the tutorial session. Prepared questions will be discussed in the tutorial session.

1. Briefly describe three main use of digital signature.
2. Describe the stages of generating and verifying the RSA digital signature for long documents.
3. Discuss features of a good one-way hash function.
4. Discuss digital signature requirements.
5. What is Message authentication?
6. What are three requirements for MAC?
7. For n=77, e=13 and d=37 what is the value of a RSA digital signature of message M=15?
(155 mod 77 = 1). Assume the basic (textbook) RSA signature where no hash function is used.
8. For n=77 e=17 the value of a RSA digital signature for message M=12 is 45. Show the verification process (915 mod 77 = 1, 515 mod 77 = 34). Assume the basic (textbook) RSA signature where no hash function is used.
9. List two disputes that can arise in the context of using Message Authentication Codes (MACs).
10. Suppose 𝐻 (𝑚) is a collision resistant hash function that maps a message of arbitrary bit length into an n-bit hash value. Is it true that, for all messages 𝑥,𝑥′ with 𝑥 ≠ 𝑥′, we have 𝐻(𝑥) ≠ 𝐻(𝑥′)? Explain your answer.
Optional Questions for Further Exploration
1. What is the difference between a message authentication code and a one-way hash?
2. With regards to a 𝑛-bit output hash function 𝐻 with 𝑛 ≥ 32:
(a) How long does it take on average for a brute force attack to find a message 𝑀 such that 𝐻 (𝑀 ) has 32 zero leading (leftmost) bits? Note that in this case, the 𝑛 − 32 trailing (rightmost) bits of 𝐻(𝑀) can be arbitrary. Assume that the output of the hash is evenly distributed and each input is independent.
(b) How long does it take on average for a brute force attack to find two messages 𝑀1 and 𝑀2 such that 𝐻(𝑀1) and 𝐻(𝑀2) collide on the 32 leading bits? Note that in this case the string of 32 leading bits of 𝐻(𝑀1) must equal the string of 32 leading bits of 𝐻(𝑀2) though the value of that 32 bit string can be arbitrary, while the trailing 𝑛 − 32 bits of 𝐻 (𝑀1) and 𝐻 (𝑀2) can be arbitrary and unequal bit strings.
3. The following figure illustrates two methods in which a hash code can be used to provide message authentication. Explain both methods.

Week 6 Tutorial Sheet