- Alice: p = 17, q = 7, n = 119, e = 55, d = 7,
- Bob: p = 13, q = 11, n = 143, e = 37, d = 13.

- Your computation of the plaintext that Alice needs to sign.
- Alice's digital signature of this plaintext.
- Your computation of the message that Bob sent to Alice.

Note that there is another possibility for e and d for Bob's RSA system: e = d = 19. Describe an attack that would allow Eve (a passive attacker) to determine that e and d are the same. What does the attacker gain by learning that e and d are the same?

Would choosing the same e and d present a problem in a real-life RSA system?

- Alice generates an RSA system (p1, q1, n1, e1, d1) and keeps all the parameters secret,
- Bob generates an RSA system (p2, q2, n2, e2, d2) and keeps it secret,
- Alice encrypts a message M with using e1 and n1: M1 = M^e1 mod n1, sends M1 to Bob,
- Bob encrypts M' using e2 and n2: M2 = M1^e2 mod n2, sends M2 to Alice.
- Alice decrypts the result using d1 and n1: M3 = M2^d1 mod n1, sends the result to Bob,
- Bob decrypts it using d2 and n2: M4 = M3^d2 mod n2.

Would choosing n1 = n2 make a difference?

- Alice's and Bob's key is 13,
- Alice's and Carol's key is 17,
- Alice's and Dave's key is 19.

- Alice and Bob can restore the secret,
- Alice, Carol, and Dave can restore the secret, but Alice with just Carol or just Dave cannot.
- Bob and either Carol or Dave can restore the secret.
- Carol and Dave cannot restore the secret without Alice or Bob.

CSci 4509 homepage

The views and opinions expressed in this page are strictly those of the page author. The contents of this page have not been reviewed or approved by the University of Minnesota.