# Lecture 9: Public-Key Encryption and Digital Signatures

## Asymmetric Encryption

(True/False) Asymmetric encryption is the same as symmetric, except a user has two private keys instead of one

## One-Way Functions

Is the one-time pad (with an unknown-key) a one-way function?

## Public Key Encryption and Semantic Security

What is the main difference between the IND-CPA and Semantic Security games we've seen in class?

## El-Gamal Encryption Scheme

(True/False) In El-Gamal encryption, the exponent r must be random

## El Gamal Padding

(True/False) The padding scheme presented only works if the message size is less than or equal to the number of plaintext bits

## Hybrid Encryption

(True/False) Hybrid encryption works by using symmetric encryption to encrypt a message, and encrypting the symmetric key with asymmetric encryption.

## El Gamal Security + Asynchronous Encryption

(True/False) El Gamal is secure if the Discrete Log problem holds

## El Gamal Intuition

Which two cryptographic techniques/protocols is El Gamal built on?

## Digital Signatures

If Verify(PK, m, Sign(SK, m)) always outputted 1, a digital signature scheme would still satisfy correctness. Which other property would fail? How?

## RSA Signature Scheme

(True/False) The modulus n must be a prime number

## RSA Signature Scheme Security

In order for the RSA signature scheme to be secure, it is sufficient for the modulus n to be kept secret