Assignment 2 FAQ

Please consult this FAQ regularly. Questions will be added here as they arise.

Q:: How can I use the RSA encryption algorithm?
A:: Instructions are available from the subject web page (link). Additionally, please read the instructions on how to install the Cryptix JCE provider (link).

Q:: When is the deadline, Nov. 7 or Nov. 14?
A:: The deadline is Nov. 7, but you may submit until Nov. 14 without penalty.

Q:: At step 6 of Alice, if the message contains gibberish, how do we know which exception to throw, WrongEncryptionException, or WrongDecryptionException?
A:: You can't find out. So please throw a WrongEncryptionException, and ignore the WrongDecryptionException.

Q:: In step 6, Alice can lie, claiming she received gibberish, and accuse Bob of cheating in step 3 or step 5. Bob can detect this and call Alice's lie in step 7. However, how will Alice communicate her accusation to Bob? In other words, how can Bob know that Alice (falsely) accused him of cheating?
A:: As the interfaces are designed, there is no way of letting Bob know about Alice's accusation (or vice versa, see question 6). So instead of changing the interfaces again, you may ignore this possibility. In other words, you only need to detect cheating, not false accusations of cheating.

Q:: In step 5, Bob can lie, claiming Alice cheated so Bob cannot properly perform step 5. Alice can detect this and call Bob's lie in step 7. However, how will Bob communicate his accusation to Alice? In other words, how can Alice know that Bob (falsely) accused her of cheating? (Notice the similarity to question 5.)
A:: As the interfaces are designed, there is no way of letting Alice know about Bob's accusation (or vice versa, see question 5). So instead of changing the interfaces again, you may ignore this possibility. In other words, you only need to detect cheating, not false accusations of cheating.

Q:: What did you just mean by the last two questions?
A:: Short answer: Ignore WrongAccusationException and WrongValidationException.

Q:

Is there a bug in the original Messages.java?

A:

Yes, there is, on line 126, in the method getRandomBytes(). Instead of reading

System.arraycopy(this.message, 0, randomBytes, Message.HEADS.length(), randomBytes.length);

it should read

System.arraycopy(this.message, Message.HEADS.length(), randomBytes, 0, randomBytes.length);

If you do not wish to make the change yourself, you may download the new Message.java or the new zip of all the files.

Q:: When throwing the TooEarlyException, does it matter who sends the keys first, i.e. whether step7KeyPairToAlice() or step7KeyPairToBob() is called first? Or should we stick to the exact way the protocol is run, that is first Alice sends her keys and after that Bob sends his keys.
A:: No, it doesn't matter, as long as both have reached step 7. If the order mattered, the protocol would have 8 steps, e.g. step 7: Alice to Bob, and step 8: Bob to Alice.

Q:: We have been asked to use Alice's modulus to generate Bob's key pair. But if we do that then won't Alice and Bob's keys be the same?
A:: In the general case, their key pairs won't be the same, because d and e would be different. e should be generated as a random number relatively prime to phi(n), but for some reason the Cryptix source code doesn't do this. It actually fixes e to some value (a prime).
So if you want to do generateKeyPairForModulus properly, you should generate e as a random number (from a secure source), and calculate the d. This is not very hard, it only requires a small modification to the Cryptix source code. However, since we didn't make this a part of the assignment spec, we'll allow you to handle it the way Cryptix does.

Q:: Do we need to remove all print statements before submitting our code?
A:: No you do not. When we test, we will just look for the Exceptions. However, please don't submit code that prints loads of information, that will make it harder for us to mark your assignment. In other words, please don't print the keys, or the messages passed between Alice and Bob at every step of the protocol. But printing out the messages at the beginning and end, for instance, is fine.

Q:: Do we need to print out status messages in Alice and Bob?
A:: No, we don't require it. However, you may do it as long as it's not too much (see question 14).

Q:: CoinFlip doesn't stop when an exception is throw, it just keeps on going. Should we add exit commands to stop it when exceptions occur.
A:: First, don't exit statements to Alice or Bob. Second, CoinFlip as we supplied it is not sufficient to test your code properly. It was never meant to do exhaustive testing either. We think it's your job to test your code properly. As a result, you should modify CoinFlip (or create another class) to test you code properly.