Suppose Bob has an RSA Cryptosystem with a large modulus n for which the factorization can not be found, e g , n is 2048 bits long Suppose Alice sends a message to Bob by representing each alphabetic character as an integer between 0 and 25 (i e , A as 0, B as 1, ) and then encrypting each letter as a separate plaintext character (a) Describe how Oscar can easily decrypt a message which is encrypted in this way (b) One way of fixing this problem is to encrypt several letters at once But even with this approach, RSA is still a deterministic cryptosystem, that is, the same sequence of plaintext letters maps to the same ciphertext This allows some form of traffic analysis (i e , to draw some conclusion about the cleartext by merely observing the ciphertext) For instance, Oscar can see when an earlier message is being sent again, even though he can not decrypt the message Suggest what can be done to change this situation The goal is that the encryption yields different ciphertexts even if the plaintext is the same 4 Suppose Bob has an RSA Cryptosystem with a large modulus n for which the factorization can not be found, e g , n is 2048 bits long Suppose Alice sends a message to Bob by representing each alphabetic character as an integer between 0 and 25 (i e , A as 0,B as 1, ) and then encrypting each letter as a separate plaintext character (a) Describe how Oscar can easily decrypt a message which is encrypted in this way (b) One way of fixing this problem is to encrypt several letters at once But even with this approach, RSA is still a deterministic cryptosystem, that is, the same sequence of plaintext letters maps to the same ciphertext This allows some form of traffic analysis (i e , to draw some conclusion about the cleartext by merely observing the ciphertext) For instance, Oscar can see when an earlier message is being sent again, even though he can not decrypt the message Suggest what can be done to change this situation The goal is that the encryption yields different ciphertexts even if the plaintext is the same

The Answer is in the image, click to view ...

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Sep 24, 2024

Suppose Bob has an RSA Cryptosystem with a large modulus n for which the factorization can not be found, e.g., n is 2048 bits long.

Suppose Bob has an RSA Cryptosystem with a large modulus n for which the factorization can not be found, e.g., n is 2048 bits long. Suppose Alice sends a message to Bob by representing each alphabetic character as an integer between 0 and 25 (i.e., A as 0, B as 1, . . .) and then encrypting each letter as a separate plaintext character. (a) Describe how Oscar can easily decrypt a message which is encrypted in this way. (b) One way of fixing this problem is to encrypt several letters at once. But even with this approach, RSA is still a deterministic cryptosystem, that is, the same sequence of plaintext letters maps to the same ciphertext. This allows some form of traffic analysis (i.e., to draw some conclusion about the cleartext by merely observing the ciphertext). For instance, Oscar can see when an earlier message is being sent again, even though he can not decrypt the message. Suggest what can be done to change this situation. The goal is that the encryption yields different ciphertexts even if the plaintext is the same.

image text in transcribed

4. Suppose Bob has an RSA Cryptosystem with a large modulus n for which the factorization can not be found, e.g., n is 2048 bits long. Suppose Alice sends a message to Bob by representing each alphabetic character as an integer between 0 and 25 (i.e., A as 0,B as 1, ) and then encrypting each letter as a separate plaintext character. (a) Describe how Oscar can easily decrypt a message which is encrypted in this way. (b) One way of fixing this problem is to encrypt several letters at once. But even with this approach, RSA is still a deterministic cryptosystem, that is, the same sequence of plaintext letters maps to the same ciphertext. This allows some form of traffic analysis (i.e., to draw some conclusion about the cleartext by merely observing the ciphertext). For instance, Oscar can see when an earlier message is being sent again, even though he can not decrypt the message. Suggest what can be done to change this situation. The goal is that the encryption yields different ciphertexts even if the plaintext is the same