EXAMEN DE CRYPTOGRAPHIE
by using Euclid's Algorithm. Hint: you don't need to simplify x. Corrigé : Exercice 1
: 1. On a aa' = 1 + k(p ? 1) donc maa' = m.mk(p?1) m mod p, puisque m(p?1) ...
part of the document
Examen de Sécurité Informatique
Durée : 1h30 � Documents non autorisés
Exercice 1 (7pts)
1. On considère le crypto système (sans clé) suivant :
Un grand nombre premier p est public et les unités de message sont des entiers m, 1 d" m 5lh��mH��sH����hE-d�hE-dh��mH��sH����hÛg�h��mH��sH����hE-dh��mH��sH����hÛg��hVH*�h��mH��sH����hV�hVH*�h��mH��sH��� j�ºð�hVh��mH��sH����hV�hVh��mH��sH����hVh��mH��sH��0�N�¾�`���¾�M�N�O�P�Q�R�¼���U����ññàÏϾ°°°°°°°��$�
&�F�1$�7$8$H$a$�gd¤,E
�$�1$�7$8$H$a$�gd¤,E��$�
&�F�1$�7$8$H$a$�gd>5l��$�
&�F�1$�7$8$H$a$�gdE-d��$�
&�F�1$�7$8$H$a$�gdV
�$�1$�7$8$H$a$�gdV� �����T�U����������-�Q�T�U�Z�\�j������� �¦�§�¨�©�ª�¸�Ñ�ã�*�,�1�6�7�8�£�¥�Ó"óêóêóêóêáÕÉÕÉÕÉÕÉÕÉáÉáÉáÉá긬óáóáóáó s��hî�~�hî�~h��mH��sH����hî�~h��mH��sH����hISY�hISYh��mH��sH����hISY5�\�h��mH��sH����h¤,E�h°s§h��mH��sH����h¤,E�hû]Åh��mH��sH�� �jÕ��hû]Å�hû]ÅU��h��mH��sH����hû]Å�h¤,Eh��mH��sH����hû]Å�hû]Åh��mH��sH����hû]Åh��mH��sH����h¤,Eh��mH��sH����h¤,E�h¤,Eh��mH��sH��)��¨�ª�7�8��ë�L��Ó�#�
�¤�¥�ý�`�º�� U r îØʾµµµµµµµµµ©©©©©©��$��¤ÿ]¤ÿa$�gdî�~��¤ÿ]¤ÿgdISY��$��¤ÿ]¤ÿa$�gdGX
�$�1$�7$8$H$a$�gd¤,E��$��8��h�1$�7$8$H$^8�`h�a$�gdû]Å��$�
&�F�1$�7$8$H$a$�gdû]Å�r ¥ !U!f!¼!!""Ô"Õ"�#Y#£#î#:$$$Ð$�%e%©%ð%x@ú@ü@AóóóóóóóóóåååååååååååååÙÙÙ��$��¤ÿ]¤ÿa$�gd¯h
�$�1$�7$8$H$a$�gd¯h��$��¤ÿ]¤ÿa$�gdî�~�Ó"Õ""#$#(#*#;#>#A#E#L#O#R#V#_#a#t#u#{#|#¯#°#¶#·#Ô#×#Ø#Ù#Ú#Ý#�$�$:$
�hj>
5�U��\�h��mH��sH����hj>
5�\�h��mH��sH����h¯hh��mH��sH���U����h¯h�h¯hh��mH��sH����h¯h�h¯h6�]�h��mH��sH�� 2 = 7717, y = 12667 and z = 14702. In this case, compute c1
by using Euclid� s Algorithm. Hint: you don� t need to simplify x.
�
�Corrigé :
Exercice 1:
1. On a aa� = 1 + k(p �" 1) donc maa� = m.mk(p�"1) ( m mod p, puisque m(p�"1) ( 1 mod p.
2.
(a) 215(1 mod 31, 415(1 mod 31
(b) #A = '(30) = '(2)'(3)'(5) = 8. A = {1, 7, 11, 13, 17, 19, 23, 29, }, éléments
dont les inverses modulo 30 sont respectivement 1, 13, 11, 7, 23, 19, 17, 29.
(c) On doit avoir b �" 1 multiple de 5, d'où b = 11.
(d) De 4b = 4 le pirate déduit b = 1 ou b = 11.
Si b = 1, b0 = 1 et m = Eb0 = 8.
Si b = 11, b0 = 11 et m = Eb0 _ 811 _ 233 _ 23 = 8 mod 31.
Exercice 2:
Exercice 3:
(a) The integer k must be coprime to p�"1 for the inverse k�"1 mod p�"1 to exist.
(b) Bob computes u ( yrrs mod p and v ( gm mod p; show that if the signature is valid, then u = v.
yrrs ( gar(gk)k�"1(m�"ar)( gar+m�"ar ( gm mod p.
(c) she can choose integers u and v with v coprime to p �" 1, compute r ( guyv mod p and s ( �"rv�"1 mod p�"1; verify that (r, s) is a valid signatuA�A�A�A2AÞAæA&BÊBfCÎC.DpDæDèDE�E�E�E¾EóçÜÑÃñÃÃÃÃÃÃÃÑÜÜܨ��¤ÿ]¤ÿgdç���$��Ð�1$�7$8$H$`Ð�a$�gd�K
�$�1$�7$8$H$a$�gd¥-ð
1$�7$8$H$gd¥-ð
1$�7$8$H$gd¸,ú��$��¤ÿ]¤ÿa$�gd¯h��$��¤ÿ]¤ÿa$�gdÃ/$�¼AÆAÈAÊAäAæAîAòAöAøA�B�B�B$BäDèDúDüDE�E�E�E&E(EEE¨EªEäEæEêEìEîEðE
F�FòæÚæÑæÑòÅÑòÅÑæ»±ª±» yiy[ii[� j�ºð�hç�OJ�QJ�^J�h����hç��h>5lH*�OJ�QJ�^J�h����hç�OJ�QJ�^J�h����h>5l�h>5lOJ�QJ�^J�h����h>5l�hç�OJ�QJ�^J�h����h¸,ú�h¸,ú5�h����h¥-ð5�h����h¸,ú�h¥-ð5�h����h¥-ð�h¥-ð\�h��� j�¹ð�h�Kh��mH��sH����h¥-ðh��mH��sH��� j�ºð�h¥-ðh��mH��sH����h¥-ð�h¥-ðh��mH��sH����h¥-ð�h¥-ðH*�h��mH��sH��#�F�F�FBFDFFFFFFFFFFF F²F´F¸FÆFÈFÊFÎFÐFhGjGnGpGtGvGxGzGGGðGòGHPHPJPLPNPPPRPVPXP\P^P`PbPdPfPhPjPnPrPñáñÖñáñáñÈñáñáñáÈñáñÈñáñÖñÈñáñáñÈñ½ñ»ñ«ñ«ññ«ñ«ñ«ñ«ññ«� j�ºð�ho3fOJ�QJ�^J�h����ho3f�h>5lH*�OJ�QJ�^J�h���U����ho3fOJ�QJ�^J�h��� j�ºð�hç�OJ�QJ�^J�h����hç�OJ�QJ�^J�h����hç��h>5lH*�OJ�QJ�^J�h����h>5l�h>5lOJ�QJ�^J�h��7¾EFàF6PüP_R`RaR~RRRRRRRRRRRööêáÕɾ°®®®®®®®®¬®���
�$�1$�7$8$H$a$�gd¢
~
1$�7$8$H$gdS{¿��$��¤ÿ]¤ÿa$�gd>5l��$��¤ÿ]¤ÿa$�gdK,���¤ÿ]¤ÿgdK,���$��¤ÿ]¤ÿa$�gdo3f��¤ÿ]¤ÿgdç��re for the message m = us.
We find yrrs ( yr(guyv)s ( gusyry�"r ( gus mod p, so (r, s) is the signature of the message m = us.
(d) Here (r, s) is a valid signature if yrrs ( gh(m) mod p. In order to find a message with signature (r,s), Malice now has to look for an m with h(m) = us; but this is next impossible for pre-image resistant hash functions.
� SHAPE \* MERGEFORMAT ����
�
�
�
�
Département informatique Le 7/06/2011
Faculté Electronique et Informatique Master RSD 1ère année
USTHB
