Cryptography Reference
In-Depth Information
(b) Some organisations choose to use an OpenPGP-compliant gateway server
to conduct cryptographic operations on behalf of users. A recipient who
is not a member of the organisation is required to visit the gateway server
to retrieve encrypted email. Compare the key management issues of this
approach with the use of IDPKC to secure email.
22
. Consider a transport ticketing application for a large city that allows travelers
to pay for their journeys using smart cards that contain pre-loaded monetary
value. Travelers activate payment by presenting their smart cards to payment
gateways at the start and end of their journey. Following the approach of the
other cryptographic applications discussed in this chapter, for this ticketing
application:
(a) What are the main security requirements?
(b) What are the application constraints that influence the design of suitable
security mechanisms?
(c) Which cryptographic primitives are suitable for deployment
in this
application?
(d) Which cryptographic algorithms and key lengths do you suggest are
supported?
(e) How should key management be conducted?
23
. Following the approach of other cryptographic applications discussed in
this chapter (as outlined above), discuss the cryptographic design and key
management of the different versions of Bluetooth, which allows short-range
wireless communication between two Bluethooth-enabled devices.
