An authentication protocol using a key distribution center (KDC) is shown in figure.

A -----------> KDC -------------> B

Each user share one and only one key with KDC. The authentication and the exchange of session key between two users happens via KDC. A --------> KDC : IDA, E(KA, [IDB, KAB]) KDC --------> B: E(KB, [IDA, KAB]) For example, if A wants to communicate with B, he creates a session key KAB and indicates to KDC that he wants to speak to B by sending message encrypted by KA. KA is key shared between A and KDC. KDC decrypts this message and creates a new one intended for B, containing IDA and session key between A and B. This message is encrypted with the key common to B and KDC that is KB. 1- Explain why a pirate cannot pretend to be A at KDC 2- Explain why B is sure that the message comes from KDC 3- From which attacks is this protocol not shielded 4- How can we improve the protocol, without increasing the number of exchanges to thwart this type of attacks?