Question

Q1. Let p be a prime and (alpha) be a primitive root modulo p. The ElGamal public-key cipher ((M, C, K_e, K_d, E_{k_e}, D_{k_d})) is defined as follows: (ullet) (M = mathbb{Z}_p^* = {1, 2, 3, dots, p - 1}), (C = mathbb{Z}_p^* imes mathbb{Z}_p^), (K_e = {p} imes {alpha} imes mathbb{Z}_p^), (K_d = mathbb{Z}_{p-1}). A user first chooses a random number u in (mathbb{Z}_{p-1}) as his private key (k_d := u), then publicizes his public key (k_e = (p, alpha, eta)), where (eta = alpha^u mod p). To encrypt a message x with a public key (k_e = (p, alpha, eta)), one picks up a (secret) random number (v in mathbb{Z}_{p-1}), and then does the encryption as follows: (E_{k_e}(x, v) = (y_1, y_2)), where (y_1 = alpha^v mod p), and (y_2 = xeta^v mod p). When the receiver receives the ciphertext ((y_1, y_2) in mathbb{Z}_p^* imes mathbb{Z}_p^*), he does the decryption as follows: (D_{k_d}(y_1, y_2) = y_2 left(y_1^{k_d} ight)^{-1} mod p), where (left(y_1^{k_d} ight)^{-1}) denotes the multiplicative inverse of (y_1^{k_d}) modulo p. Prove that the decryption process above is correct. 20 marks

          Q1. Let p be a prime and (alpha) be a primitive root modulo p. The ElGamal public-key cipher ((M, C, K_e, K_d, E_{k_e}, D_{k_d})) is defined as follows:
(ullet) (M = mathbb{Z}_p^* = {1, 2, 3, dots, p - 1}), (C = mathbb{Z}_p^* 	imes mathbb{Z}_p^*), (K_e = {p} 	imes {alpha} 	imes mathbb{Z}_p^*), (K_d = mathbb{Z}_{p-1}).
A user first chooses a random number u in (mathbb{Z}_{p-1}) as his private key (k_d := u), then publicizes his public key (k_e = (p, alpha, eta)), where (eta = alpha^u mod p).
To encrypt a message x with a public key (k_e = (p, alpha, eta)), one picks up a (secret) random number (v in mathbb{Z}_{p-1}), and then does the encryption as follows:
(E_{k_e}(x, v) = (y_1, y_2)),
where (y_1 = alpha^v mod p), and (y_2 = xeta^v mod p).
When the receiver receives the ciphertext ((y_1, y_2) in mathbb{Z}_p^* 	imes mathbb{Z}_p^*), he does the decryption as follows:
(D_{k_d}(y_1, y_2) = y_2 left(y_1^{k_d}
ight)^{-1} mod p),
where (left(y_1^{k_d}
ight)^{-1}) denotes the multiplicative inverse of (y_1^{k_d}) modulo p. Prove that the decryption process above is correct.
20 marks

Q1. Let p be a prime and (alpha) be a primitive root modulo p. The ElGamal public-key cipher ((M, C, Ke, Kd, Eke, Dkd)) is defined as follows:
(ullet) (M = mathbbZp^* = 1, 2, 3, dots, p - 1), (C = mathbbZp^* imes mathbbZp^*), (Ke = p imes alpha imes mathbbZp^*), (Kd = mathbbZp-1).
A user first chooses a random number u in (mathbbZp-1) as his private key (kd := u), then publicizes his public key (ke = (p, alpha, eta)), where (eta = alpha^u mod p).
To encrypt a message x with a public key (ke = (p, alpha, eta)), one picks up a (secret) random number (v in mathbbZp-1), and then does the encryption as follows:
(Eke(x, v) = (y1, y2)),
where (y1 = alpha^v mod p), and (y2 = xeta^v mod p).
When the receiver receives the ciphertext ((y1, y2) in mathbbZp^* imes mathbbZp^*), he does the decryption as follows:
(Dkd(y1, y2) = y2 left(y1^kd
ight)^-1 mod p),
where (left(y1^kd
ight)^-1) denotes the multiplicative inverse of (y1^kd) modulo p. Prove that the decryption process above is correct.
20 marks

Added by Veronica M.

Question

Please give Ace some feedback