Consider the following scenario:
Alice receives a message, a digital signature and a certificate from Bob. In order to verify the signature, Alice does the following:
Hashes the received message using the same hash algorithm that Bob used, that's your calculated hash
Decrypts the signature using the public key contained in the certificate, that your decrypted hash
Compares the calculated hash and the decrypted hash
Because the 2 hashes are identical, Alice goes on and:
Checks the validity period on the certificate
Because the certificate is still valid according to its validity period, Alice goes on and identifies the issuer of the certificate.
She looks for a certificate for the issuer on the Internet and finds one on a forum page.
She uses the issuer's certificate to verify the signature on Bob's certificate.
Because the signature is valid, Alice concludes that the message was indeed written by Bob and that the message was not tampered with during its transit over the network.
What do you think about Alice's conclusion? Did she miss any step into the verification? Please include in your response any assumption that you have used.
in this scenario the alice can conclude that it was the message sent from the bob only not from any other third party people because alice follows all the steps in order to identify the validity of the sender by using certifications.
Consider the following scenario: Alice receives a message, a digital signature and a certificate from Bob....
Suppose, Bob (the sender) wants to send a message to Alice. Before sending the message, Bob generates a digital signature. Assume that Bob and Alice use both of the public-key cryptography system and hash function when computing digital signatures. Say, the hash function used to compute and verify signatures is insecure, but the public-key cryptography system is secure. Show that Trudy can forge signatures.
Suppose, Bob (the sender) wants to send a message to Alice. Before sending the message, Bob generates a digital signature. Assume that Bob and Alice use both of the public-key cryptography system and hash function when computing digital signatures. Say, the hash function used to compute and verify signatures is insecure, but the public-key cryptography system is secure. Show that Trudy can forge signatures.
Question 4 (5 points) Consider the following scenario: Alice wants to send Bill a message. Alice encrypts some information using Bill's public key; Bill decrypts the ciphertext using his private key. This is an example of: Question 4 options: 1) symmetric encryption 2) digital certificate 3) asymmetric encryption 4) digital signature