1️⃣ What is asymmetric (public key) cryptography? How many keys does each user have?
✅ two keys: public + private
Each user has a public key (shared openly) and a private key (kept secret). Mathematically related, but cannot derive private from public.
Encryption with one key requires the other key for decryption.
2️⃣ List the main shortcomings of symmetric cryptography (slide 6).
✅ confidentiality only, key distribution, O(n²) keys
Confidentiality only – no integrity/authentication/non‑repudiation.
Key distribution problem – secret key must be established securely.
Large number of keys – for n users, need ~n²/2 keys; each user stores n‑1 keys.
3️⃣ How many keys are needed for 1000 users using symmetric crypto? How many with asymmetric? (slide 6 & 10)
✅ symmetric ~500,000; asymmetric ~2000
Symmetric: n(n‑1)/2 ≈ 1000·999/2 ≈ 499,500 keys.
Asymmetric: 2n = 2000 keys (each user has one public + one private).
4️⃣ Write the equations for encryption using public key and encryption using private key (slide 12).
✅ E_pub(M)=CT; D_priv(CT)=M ; E_priv(M)=CT; D_pub(CT)=M
Enc with public: CT = E_PUB-Alice(M); M = D_PRIV-Alice(CT).
Enc with private: CT = E_PRIV-Alice(M); M = D_PUB-Alice(CT).
5️⃣ Explain how Alice sends a confidential message M to Bob using public key crypto. Who can decrypt? (slide 13)
✅ CT = E_PUB-Bob(M); only Bob can decrypt
Alice encrypts with Bob's public key → CT. Bob decrypts with his private key → M.
Only Bob can decrypt because only he has the private key.
6️⃣ Why is public key cryptography rarely used for bulk data encryption? Give approximate speed comparison (slide 14).
✅ asymmetric ~100× slower
AES‑128: ~100 MB/s; RSA‑1024: ~1 MB/s (software). So asymmetric is much slower.
Solution: use asymmetric to exchange a symmetric session key, then use symmetric encryption for data.
7️⃣ Explain the attack by Mallory that shows public key encryption alone provides no integrity/authenticity (slide 17).
✅ Mallory replaces ciphertext; Bob can't tell it's not from Alice
Alice sends CT = E_PUB-Bob(M). Mallory intercepts, discards it, and sends CT_evil = E_PUB-Bob(M_evil). Bob decrypts and has no idea the message was replaced – confidentiality only, no authenticity.
8️⃣ How can public key cryptography provide integrity and authenticity? What is this called? (slide 19–20)
✅ sign with private key, verify with public – digital signature
Alice computes DS = E_PRIV-Alice(M) and sends it. Bob computes M = D_PUB-Alice(DS). Only Alice could have produced DS → authenticity, integrity, non‑repudiation. (No confidentiality)
9️⃣ What is a digital signature? Which security goals does it provide? (slide 22, 29)
✅ authentication, integrity, non‑repudiation
Authentication – verifies sender.
Integrity – detects any change.
Non‑repudiation – sender cannot deny.
Confidentiality is not maintained.
🔟 Why do we sign a hash of the message instead of the entire message? (slide 23–24)
✅ asymmetric slow; hash is fixed-size and fast
Signing a large file with asymmetric crypto would be too slow. Instead, hash the file (fast) and sign the hash (small, fixed size).
1️⃣1️⃣ Describe the digital signature process using a hash (slide 24).
✅ hash → sign hash → send (message + signature) → verify
1. Alice computes hash H(M) → MD.
2. Computes DS = E_PRIV-Alice(MD).
3. Sends M and DS to Bob.
4. Bob hashes M → MD'.
5. Decrypts DS with Alice's public key → S.
6. If S == MD', signature is valid.
1️⃣2️⃣ In digital signatures, which key is used to sign and which to verify? How does this differ from encryption for confidentiality? (slide 28)
✅ sign: private; verify: public. Encryption: recipient's public
Signature: sender's private key to sign, sender's public key to verify.
Confidentiality: recipient's public key to encrypt, recipient's private key to decrypt.
1️⃣3️⃣ How does a digital signature provide non‑repudiation? (slide 29)
✅ only sender has private key → cannot deny
Since only the sender possesses the private key, any signature that verifies with the sender's public key must have been created by the sender. They cannot repudiate it.
1️⃣4️⃣ In the hash‑based signature process, how is integrity ensured? (slide 24)
✅ any change in M → hash changes → verification fails
If the message M is altered, its hash MD' will differ from the decrypted signature S. The verification fails, indicating tampering.
1️⃣5️⃣ Compare symmetric and asymmetric cryptography regarding: confidentiality, integrity, authentication, non‑repudiation, key distribution, scalability (slide 30).
✅ see table
Symmetric: confidentiality yes, integrity/no, auth/no, non‑repud/no, key distribution difficult, O(n²) keys.
Asymmetric: confidentiality yes, integrity yes (with sig), auth yes, non‑repud yes, key distribution easier, O(n) keys.
📐 FORMAL CONCEPTS – WEEK05 (ASYMMETRIC)
🔑 Key pair
public key (PUB) – shared openly
private key (PRIV) – kept secret
mathematically related but one‑way
🔐 Encryption (confidentiality)
CT = EPUB‑Bob(M)
M = DPRIV‑Bob(CT)
Only Bob can decrypt
✍️ Digital signature (integrity/auth)
DS = EPRIV‑Alice(M)
M = DPUB‑Alice(DS)
Anyone can verify, only Alice can sign
⚡ Signature with hash
MD = H(M)
DS = EPRIV‑Alice(MD)
Send (M, DS); Bob computes H(M) and verifies DPUB‑Alice(DS) == H(M)
📊 Key scalability
Symmetric: n(n‑1)/2 keys (O(n²))
Asymmetric: 2n keys (O(n))
⏱️ Speed comparison
AES‑128: ~100 MB/s
RSA‑1024: ~1 MB/s
Asymmetric ~100× slower
🛡️ Goals achieved by signature
Integrity – hash binding
Authentication – private key ownership
Non‑repudiation – only sender has private key
📋 Symmetric shortcomings
confidentiality only
key distribution problem
O(n²) keys
🔁 Relationship
Digital signatures are an application of asymmetric crypto
Encryption: recipient's public key
Signature: sender's private key
ACADEZI 2026