Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Cryptography > Elgamal Encryption > Flashcards

Elgamal Encryption Flashcards

Lecture 17 (8 cards)

Start Studying
1
Q

What is Elgamal?

A

Elgamal is added on to Diffie Hellman, in order to encrypt messages. It is based on the Discrete Logarithm Problem.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How does Key Generation work in Elgamal?

A
  • Choose a large prime number (p)
  • Choose a generator (g) of the group (mod p)
  • Choose a private key (x), which is a random number
  • Compute the public key, using: y = g^x mod p
  • Publish public key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How does Elgamal encrypt messages?

A
  • Choose a random ephemeral key (k), which is co-prime to (p - 1) and must also be different for each message
  • Compute the masking key, using the public key
  • Encrypt the message using the private key combined with the masking key, mod p
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How do you decrypt using Elgamal?

A
  • You receive the encrypted message alongside the ephemeral key
  • Re-compute the masking key using details from the ephemeral key mod p
  • Decrypt the message using the private key that is calculated using the message and the masking key inverted
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the practicalities of using Elgamal?

A
  • Elgamal has major weaknesses if you re-use an ephemeral key, and is also less efficient than simply using Diffie-Hellman then AES instead of Diffie-Hellman then Elgamal.
  • It is highly popular for use in digital signatures
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are some practicalities surrounding using Elgamal for Digital Signatures?

A
  • Without hashing, it is vulnerable to existential forgeries and key recovery is possible if you re-use the ephemeral key.
  • The combined message and signature m is roughly 3 times the size of the prime p, which makes Elgamal signatures quite inefficient.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are some properties of DSA?

A
  • Computed in a subgroup of prime order q, which is usually 160 bits
  • The signature is 320 bits
  • Hashing is enforced by the algorithm, and a hash function must match the key size
  • Index calculus does not apply to the sub-group, so 160 bit DSA signatures have a security of 80 bits
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are some properties of ECDSA?

A
  • Identical to DSA in function, but instead uses an elliptic curve
  • More efficient, does not require modulus of thousands of bits
  • Security level is based on generic attacks against Elliptic Curves
  • Deterministic generation of k is often used for safety
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Cryptography (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions