Question
Problem 14.6 on pp 448-449 of the textbook (Cryptography-and-Network-Security-Principles-and-Practice-6th-Edition) 14.6 Consider the following protocol, designed to let A and B decide on a fresh, shared
Problem 14.6 on pp 448-449 of the textbook (Cryptography-and-Network-Security-Principles-and-Practice-6th-Edition)
14.6 Consider the following protocol, designed to let A and B decide on a fresh, shared session key K=AB. We assume that they already share a long-term key KAB. 1. AS B:A, NA.
2. B S A:E(KAB, [NA, K=AB])
3. AS B:E(K=AB, NA)
a. We first try to understand the protocol designers reasoning:
Why would A and B believe after the protocol ran that they share K=AB with the other party?
Why would they believe that this shared key is fresh?
In both cases, you should explain both the reasons of both A and B, so your answer should complete the sentences
A believes that she shares K=AB with B since
B believes that he shares K=AB with A since
A believes that K=AB is fresh since
B believes that K=AB is fresh since
b. Assume now that A starts a run of this protocol with B. However, the connection is intercepted by the adversary C. Show how C can start a new run of the protocol using reflection, causing A to believe that she has agreed on a fresh key with B (in spite of the fact that she has only been communicating with C). Thus, in particular, the belief in (a) is false.
c. Propose a modification of the protocol that prevents this attack.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started