1.8k views

Using public key cryptography, $X$ adds a digital signature σ to message $M$, encrypts $<M, \sigma>$, and sends it to $Y$, where it is decrypted. Which one of the following sequences of keys is used for the operations?

1.  Encryption: $X’s$ private key followed by $Y’s$ private key;
Decryption: $X’s$ public key followed by $Y’s$ public key;

2.  Encryption: $X’s$ private key followed by $Y’s$ public key;
Decryption: $X’s$ public key followed by $Y’s$ private key;

3.  Encryption: $X’s$ public key followed by $Y’s$ private key;
Decryption: $Y’s$ public key followed by $X’s$ private key;

4.  Encryption: $X’s$ private key followed by $Y’s$ public key;
Decryption: $Y’s$ private key followed by $X’s$ public key
edited | 1.8k views

$X$ adds his digital signature$:$ In order to identify the authentic user, $X$ uses his
Private Key to encrypt his signature.

$X$ then encrypts the whole message with the digital signature$:\ X$ uses $Y's$
Public Key to encrypt the message so that $Y$ can decipher it when it reaches
to him using his private key.

Message then reaches $Y$.

$Y$ then uses his Private key to decrypt the message, and extracts the message
and along with the signature.

But as the signature has been encrypted using $X's$ private key so$:$

$Y$ uses $X's$ Public Key to see the signature if it matches $X's$ actual signature
(this step ensures that no one can fake as $X$ and sends a message to $Y$ ).

Nobody can tamer the message as in order to do that he/she has to first know
$Y's$ private key to decipher the message extract the signature and then change
the signature and then recreate that using $X's$ private key which is not with him.

So sequence of operations:

$X's$ Private Key$\Rightarrow$Y's public key$\Rightarrow$Y's Private key$\Rightarrow$X's public Key.

Ans is option (D).

edited
+1
What is the problem with option c,That is feasible too.

Plz explain
0
X doesn't have Y private key it has access to its public key only. That's why C is wrong
0
why sign then encrypt .. any good reason ?
+3
0
thanks krish :)
0
given link is not clearing that why sign before encryption
0
@ sid1221

It is given in question itselt that message was first signed and then encrypted. However Generally, we can first encrypt and then sign as well. But in this question, it was first signed and then encrypted.
0
i think there should be vaild reason for it ...
0
Hello sid

Yes! there is.

When we use digital signature with public key cryptography our aim is to provide confidentiality as well as authenticity. Now option 'D' says sign your document with your private signature (private so nobody else can sign with your signature)and then lock your signed document into a box with some key(that key can be public , no issue)to make our data confidential we have to do some arrangement so that ,People can only see that some box is going but no one can know what's inside the box and this can only happen when they can't have the key that can unlock box and it can happen when box can only be unlock with some unique key that only receiver possess (private key)Now receiver will first unlock our box with his private key and then he can check whether you or someone else signed the document by cross verifying the document with your public key.So that's option 'D'.

I'm decoding option 'C' , you decide whether it's a good choice or not.

It's saying sign your document with such a signature that everyone can do like at the place of your signature just write 'A' (everyone can write 'A' so everyone can sign some forgery document with your signature)and then lock your box with destinations's private key...i'm surprise how can you possess someone else's private key...i think it's even gone here..

option 'B' :- here you are decrypting using 'X' public key and it's like sender locked the box without any key so everyone can open the box so confidentiality is gone here.Not a good choice to follow then.

option A :- Same again how can 'X' posses 'Y's private key...
0
ok i got ur point but still feel nhi aayi :P any way thanks :)
0
Can anyone tell what's difference between option B and option D
–1 vote
ans d)
0
Why Option B is wrong ?
0

@jay rathod let us suppose B is correct than

Step1: X adds digital signature to M, which can be done using X's private key, say XPR. So now we have

<M,σ> as <M,(XPR,M)>

Step2: X Encrypts <M,σ> (after signing digitally, we are encrypting it to send)  using public key of Y, so we have YPU(M,(XPR,M)) then send to Y.

Step 3: At y, Decrypt using X's public key. XPU(YPU(M,(XPR,M))). which doesn't seems to generate the plain text as order is not correct.

Now instead, If I would have chosen D, then ill first decrypt using Y's private key i.e YPR(XPU(YPU(M,(XPR,M))) which will give (M,(XPR,M)).

Step 4: Now apply X public key to verify if sender's identity is correct or not by extracting out the digital signature and retrieving M, i.e XPU(XPR,M)=M

So correct order of operations is in D.