I've completed the following assignment, save for the final question. I would like a review of the answers I've provided for completeness and accuracy and help understanding how to answer the final question (#4).

1) Suppose Alice, Bob, and Carol want to use secret keys to authenticate each other. If they all used the same secret key K, then Bob could impersonate Carol to Alice (actually any of the three can impersonate the other to the third). Suppose instead that each had their own secret key, so Alice uses KA, Bob uses KB, and Carol uses KC. This means that each one, to prove his/her identity (authenticate), responds to a challenge with a function of his/her secret key and the challenge. Is this more secure that having them all use the same secret key K? (Hint: what does Alice need to know in order to verify Carol's answer to Alice's challenge?)

Answer: Cryptography is a process in which the data at the sender side is converted into encrypted code and then transmit over the internet to the receiver where the decryption is performed to convert encrypted data to its normal form. Authentication is the property in which the identity of the valid user is analyzed and verified and in order to communicate they does not require different secret keys as the data is not unique to themselves and does not require to authenticate themselves and the identities can be forged and impersonated easily without public key technology because they still know each other`s keys to the verification which means that using unique secret is not more secure than using single secret key.

2) Why would you want to send a message and a digital signature of the message to someone?

Answer: To guarantee and ensure that the message that you are sending to the recipient is not altered in the transit and in case the message is tampered with in the transit the receiver is notified.

3) What are the steps that must be performed when digitally signing a message?

Answer: (1)Calculating the message digest

The purpose of this is to calculate the hash-values of the message that is sent to the recipient and also makes it impossible to find the message from the given message hash-value.

(2)Digital signature calculation

The purpose of digital signature calculation is to ensure that the information or the results obtained from message digest encrypts with the private key of the message sender to create & obtain an encrypted hash-value.

(3)Verification of the digital signature

This serves to ascertain or ensure that the message delivered was signed by the private key corresponding to the public key.

4) What is the purpose (reason) for each step identified in part 2 above?