MODD and CFCS / Mr. Hansen	Name: ________________________________
11/19/2015

 

Key Exchange Worksheet

 

Did you know that unbreakable (literally unbreakable!) ciphers are possible? One way to make an unbreakable cipher that scrambles bytes into mush that nobody could ever read is to make a key that is as long as the message, using pseudorandom byte values (or better yet, _____________________ ). Then, exchange that key with the person you wish to communicate with. When you get ready to send your secret message, simply XOR it, byte for byte, against that ultra-long key that is as long as the message. The person at the other end receives the mush, XORs it a second time against the key, and recovers the message. Voila! A foolproof scheme for transmitting data securely! Nobody could read the message without having the key.

 

Um, there are some problems with this.

 

1.   First, the key has to be transmitted securely. This is a big problem in practice.

2.   Second, the key has to be as long as the message. This is also a big problem. To transmit a 2 GB file, we would need a key that is 2 GB long. That’s impractical. We really don’t ever want to use keys that are longer than 2048 bits.

 

So, what we really need is a method for exchanging keys securely. One method for doing this is found at the bottom of p. 351 to the middle of p. 352 of the MODD textbook (a copy is left on top of the speaker in MH-102).

 

When a group of people agree on the parameter values for a system of key exchange similar to the one outlined below, we have an infrastructure known as a PKI ( __________ __________ __________ ).

 

Step 1. Agree on a large integer, N, which will be used as the modulus (“mod”) of all the computations.

 

Step 2. Choose a positive integer C that is less than N. This number is known to everyone in the PKI. It can even be shared with the outside world, although it usually is not.

 

Step 3. The sender chooses a large integer, I, to serve as his private key. This value is never shared with anyone else for any reason.

 

Step 4. Similarly, the recipient chooses a large integer, J, to serve as his private key. Again, this value is never shared with anyone else for any reason.

 

Step 5. Sender computes a number P, which is equal to C^I mod N. Remember, the way to do this is to take C² mod N, then multiply that by C and take the result mod N to get C³ mod N. Multiply again by C and take the result mod N to get C⁴ mod N. Continue in this manner until you get C^I mod N, and store that value as P. Warning: Don’t try to compute C^I first and then take the result mod N. No computer can do this, except for very small values of C and I. Take the result mod N at each step along the way, and keep multiplying one more time by C and taking the result mod N.

 

Step 6. Receiver computes a number Q, which is equal to C^J mod N. Use the same procedure as described in step 5.

 

Step 7. Sender and receiver exchange their values of P and Q with each other. No secret information is being communicated at this point.

 

Step 8. The sender, having received Q, computes Q^I mod N. The receiver, having received P, computes P^J mod N. Use the same procedure for exponentiation mod N that was described in step 5.

 

Step 9. If all goes well, Q^I mod N should equal P^J mod N. The result, Q^I mod N = P^J mod N, is a secret session key that the sender and receiver can use to conduct a secret communication with each other. We call this a “shared secret” since nobody other than the sender and receiver know what the value is.

 

The brilliance of this procedure is that sender and receiver can exchange keys over an unsafe communications channel (e.g., the ____________), but having done so, they now have a key that would be extraordinarily difficult for an eavesdropper to deduce if the values of C, N, I, and J are large.

 

Your Tasks

 

1.   Fill in the blanks in the descriptive text above.

 

2.   Using values of N = 37, C = 33, I = 11, and J = 13, construct the session key for both the sender and the receiver. If you do everything correctly as described above, the answers should match. Show work below and on additional sheet(s) of paper, and circle your answers. Work with a partner, but both people must show work.

 

3.   The exercise in #2 is of no real-world value, since the keyspace is tiny. Here is a more believable example, though still way too small to be highly secure. Using a spreadsheet or a computer program (your choice), work with a partner to recover the session key for both sender and receiver when N = 771, C = 349, I = 51947, and J = 61394. Hint: You will save tons of time if you use the F5 key in Excel to navigate to distant regions of the spreadsheet. SHIFT+CTRL+UPARROW highlights all cells above the current cell to the next occupied cell above, and CTRL+D copies the formula at the top of the column DOWN throughout all highlighted cells. Save your spreadsheet or computer program for later evaluation. This is a difficult challenge, and you may need to exchange ideas with other students in other groups. Make sure to double-check your work by computing the session key for both sender and receiver. If you do everything correctly, they should agree.