Problem 1: (25 points) Suppose that Alice and Bob are employees of a fake company named ’foobar’. All employees of the company use the RSA protocol for encrypting and signing their emails. RSA public

Problem 1: (25 points)

Suppose that Alice and Bob are employees of a fake company named ’foobar’. All employees of the company use the RSA protocol for encrypting and signing their emails. RSA public keys of all employees are stored in a file on the company’s server. The contents of this file are available for public view on foobar’s non-SSL enabled key download web site, hosted at this fake URL: http://foobar.com/pubkeys.html

The email client software used internally in the company has an email signing feature. It works as follows: When the user clicks on the ’Sign and Send’ button in his email client, the client software appends a special ’signature’ tag to the regular email header before sending the email. The signature tag contains the author’s name and the date signed by the author’s RSA private key. The receiver’s email client software automatically verifies the signature tag, if present, by first obtaining the RSA public key of the sender from the foobar’s key website. It then verifies that the email sender’s name and the date in the regular email header matches the signed name and date in the signature tag.

Suppose that a curious employee, Eve, is able to break into the server and alter the file containing RSA public keys. How should Eve alter that file so that she can read confidential encrypted emails sent between Alice and Bob, and Alice and Bob are not made aware that Eve is reading the messages?