Audrey changes banks following her troubles with FBT. At her new bank, Northern Security Trust (NST), RSA is used as the cryptographic system. Audrey creates a key pair and supplies to Faith, a manager of NST with her public key {eA, nA}, securing her private key {dA, nA} on a thumb drive which she keeps locked in a wall safe at her home. In turn, Faith, who is designated to handle Audreys business, gave Audrey access to a key server maintained by NST so that she can readily obtain Faiths current public key {eF, nF} whenever she needs to communicate securely with Faith.

Things are fine for several months until Audrey sends Faith a message m asking about current interest rates on Certificates of Deposit issued by NST. As shown below, she encrypts the message with Faiths public key first and then signs with her private key.

C = (m^eF mod nF )^dA mod nA

Where C is the encrypted message and m is the plaintext message.

A few days later, Audrey received a statement that shows a debit of $1,200,000 from her account. On inquiring, she was told that Faith transferred the money out of Audreys account into an account of her own in a bank on the Caribbean island of Nevis, where she moved. When reached via long distance in Nevis, Faith produced a message g from Audrey saying:

"Thanks for your excellent service, Faith. Please transfer $1,200,000 from my account to yours as a token of my esteem and appreciation. Signed, Audrey."

Audrey files suit against Faith, NST and the government of the Nevis, claiming that the message was a forgery sent by Faith herself, asking for triple damages for pain and suffering. Faith has responded by claiming that all procedures were followed properly and that Audrey is filing a nuisance suit.

You have been employed by NST as a cryptographic expert to assist in the investigation of this matter and help them decide what to do with Audrey issue. You obtain Faiths private key from the UST server, and the cipher text C, and calculate

g= (C^eAmod nA)^dFmod nF

Where g is the plain text message which was obtained the cipher text C, dF is Faiths Private key Your report to the NST Board of Directors should address the following issues:

From the facts as presented what can be determined about Audreys intentions to make Faith a gift of $1,200,000? How did the fact help you in forming your conclusion?

What is the significance of Nevis Island? Did the significance sway your decision? If yes why? If no why?

What is the significance of Audreys message to Faith asking for interest rates?

Assuming NST wishes to continue using RSA as its cryptographic system, what NST and Audrey could have done to protect against this controversy arising?

How to proceed in the litigation

Your report should clearly address these issues including the recommendation for Audreys suit, RSA with sufficient detail and background to allow the Board of Directors who are cryptographically challenged to understand the issues involved. It should give direction to formulate plans for how to approach the immediate legal issue with Audrey, and to continue business in the future, assuming that they want to continue using only RSA. Assume that the directors do not know what RSA is and how it works