GATE CSE 2013 | Question: 13

Question

Using public key cryptography, $X$ adds a digital signature σ to message $M$, encrypts $\langle M, \sigma \rangle$, and sends it to $Y$, where it is decrypted. Which one of the following sequences of keys is used for the operations?

• A.  Encryption: $X’s$ private key followed by $Y’s$ private key;
   Decryption: $X’s$ public key followed by $Y’s$ public key;
   
• B.  Encryption: $X’s$ private key followed by $Y’s$ public key;
   Decryption: $X’s$ public key followed by $Y’s$ private key;
   
• C.  Encryption: $X’s$ public key followed by $Y’s$ private key;
   Decryption: $Y’s$ public key followed by $X’s$ private key;
   
• D.  Encryption: $X’s$ private key followed by $Y’s$ public key;
   Decryption: $Y’s$ private key followed by $X’s$ public key

Comments

This topic is not in syllabus of GATE 2021 as it comes under network security: basics of public key and private key cryptography, digital signatures and certificates

Source: https://gatecse.in/gate-2021-syllabus-including-changes/

Answer 1

$X$ adds his digital signature$:$ In order to identify the authentic user, $X$ uses his Private Key to encrypt his signature.

$X$ then encrypts the whole message with the digital signature$:\ X$ uses $Y's$ Public Key to encrypt the message so that $Y$ can decipher it when it reaches to him using his private key.

Message then reaches $Y$.

$Y$ then uses his Private key to decrypt the message, and extracts the message and along with the signature.

But as the signature has been encrypted using $X's$ private key so$:$

$Y$ uses $X's$ Public Key to see the signature if it matches $X's$ actual signature (this step ensures that no one can fake as $X$ and sends a message to $Y$ ). 

Nobody can tamer the message as in order to do that he/she has to first know $Y's$ private key to decipher the message extract the signature and then change the signature and then recreate that using $X's$ private key which is not with him.

So, sequence of operations:

$X's$ Private Key$\Rightarrow$Y's public key$\Rightarrow$Y's Private key$\Rightarrow$X's public Key.

Answer is option (D).

Comments

Rupendra Choudhary The point made by you for option B is incorrect however the option is also incorrect.

X's private key is used for digitally signing the message and then Y's public key is used to encrypt the message, but the next step should be to first decrypt the whole message using Y's private key followed by usage of X's public key for verifying the signatures. 

So the option D follows these steps and hence it is correct.

---

Y's private key and X's private are not allow to travel on channel.only public keys are allow to travel on channel

---

is this question out of syllabus?

Answer 2

It is obvious that X can't encrypt using its own public key as it leads to security breach. X has to encrypt using its private key. So, option (c) is incorrect.

As X can only know about Y's public key (and not private key), this message will further be encrypted using Y's public key. So, option (a) is incorrect.

While decrypting, Y can decrypt the message (using its private key) only after deciphering the encrypted message using X's public key. Accordingly, the option (b) is also not correct.

 

 

therefore option D.

Answer 3

ans d)

Comments

Why Option B is wrong ?

---

@jay rathod let us suppose B is correct than

Step1: X adds digital signature to M, which can be done using X's private key, say X_PR. So now we have

<M,σ> as <M,(X_PR,M)>

Step2: X Encrypts <M,σ> (after signing digitally, we are encrypting it to send)  using public key of Y, so we have Y_PU(M,(X_PR,M)) then send to Y.

Step 3: At y, Decrypt using X's public key. X_PU(Y_PU(M,(X_PR,M))₎. which doesn't seems to generate the plain text as order is not correct. 

Now instead, If I would have chosen D, then ill first decrypt using Y's private key i.e Y_PR(X_PU(Y_PU(M,(X_PR,M))) which will give (M,(X_PR,M)).

Step 4: Now apply X public key to verify if sender's identity is correct or not by extracting out the digital signature and retrieving M, i.e X_PU(X_PR,M)=M

So correct order of operations is in D.