Lecture 9: Integrity and Authentication + Key Management

Is AES-EMAC a hash function?

(True/False) AES-EMAC is a hash function if the key is kept private


(True/False) The underlying hash function must be collision resistant for the security of HMAC to hold

Digital Signatures

If Verify(PK, m, Sign(SK, m)) always outputted 1, a digital signature scheme would still satisfy correctness. Which other property would fail? How?

RSA Signature Scheme

(True/False) The modulus n must be a prime number

RSA Signature Scheme Security

In order for the RSA signature scheme to be secure, it is sufficient for the modulus n to be kept secret

Intro to Key Management

Take some time to think of some solutions on your own before moving on!

Trusted Directory

Let's say the TD includes Bob's name in it's response, but puts the name outside of the signature. What attack can a MiTM now perform?

Updating the Trusted Directory

(True/False) It is secure for Alice to use the same random nonce to request keys for multiple users.