Question
Alice would like to send confidential and authenticated messages for Bob. Consider the following security protocol between A lice, B ob, using a trusted S
Alice would like to send confidential and authenticated messages for Bob. Consider the following security protocol between Alice, Bob, using a trusted Server. Notation: E(M,K) encryption of message M with key K; D(M,K) decryption of message M with key K; Sign(M,K) signature of message M with key K, KD-X is the private key of X, KE-X is the public key of X, Ksession is a secret key, Id-X is the identity of X, h(M) is the hash value of message M, Time1 is a time stamp, and || denotes a concatenation of the messages. Assume, Alice and Bob know the Servers public key (KE-S) in a reliable manner.
Message 1: A S: Request signed public keys for A and B
Message 2: S A: Sign([KE-B || Id-B], KD-S) || Sign([KE-A || Id-A], KD-S)
Why did the Server sign both KE-B and KE-A?
Message 3: A B: Sign([KE-A || Id-A], KD-S) || E( Ksession, KE-B) || E (M, Ksession) || Sign(h(M), KD-A)
How can B verify that message originated from A?
What happens if a passive attacker intercepts this message?
Message 4: B A: E (ACK, Ksession)
What will Alice know after receiving the acknowledgment from Bob?
Assume that the protocol is modified as follows:
Message 1: A S: Request signed public keys for A and B
Message 2: S A: (Bobs key || Sign(KE-B, KD-S)) || (Alices key || Sign(KE-A, KD-S))
Message 3: A B: Alices key || Sign(KE-A, KD-S) || E( Ksession, KE-B) || E (M, Ksession) || Sign(h(M), KD-A)
Message 4: B A: E (ACK, Ksession)
Show how Eve can attack the protocol such that she can disclose the message M.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started