Consider the ElGamal scheme (described in section 10.2) with q = 11 and = 6. A has a private key XA = 2 and public key YA = 3. (a) B choses the random integer k = 5, and the plaintext B wants to encrypt is M = 3. Show what will be calculations done by B to get the value of the ciphertext C1;C2. (b) Show what will be calculations done by A to recover the plaintext M from C1;C2. Note that you rst need to gure out what is the value of K.

2.Give brief and clear explanations for the following by showing in a step-by-step manner how the BG would attack the scheme if we changed things as suggested in the question Consider the key distribution protocol of Figure 14.18, page 452 for distributing session keys using secret-key encryption and the Key Distribution Center. Ka is the master key shared between A and the KDC, Kb is the master key shared between B and the KDC, Ks is the session key to be used to encrypt data between A and B, and Na;Nb are nonces. Note that A is the one initiating the request to get a session key. (a) Explain why in round (3) IDA is included in the encrypted EKb (KS; IDA;Nb) i.e. suppose that round (3) consisted of IDA;EKb (KS;Nb) (so that IDA was being sent in the clear) how would the bad guy BG attack the scheme? (b) Explain why in round (3) (KS; IDA;Nb) is encrypted with EKb i.e. i.e. suppose that round (3) consisted of (KS; IDA;Nb) instead of EKb (KS; IDA;Nb), how would the bad guy BG attack the scheme? (c) Explain what role Nb plays in the protocol i.e. assuming that Nb was not there in the protocol, how would the bad guy BG attack the scheme?