QUESTION 2 a) What three assumptions are generally made when designing and analysing cryptographic protocols? [3 marks] b) What are distinctness flaws in cryptographic protocols? Show how the protocol below (part of the Andrew Secure RPC protocol) may exhibit a distinctness flaw, and construct an attack that allows an adversary to make A accept Na +1 as the new session key. [7 marks] (1) A B : {Na}Kab (2) B A : {Na + 1,Nb}Kab (3) A B : {Nb + 1}Kab (4) B A : {Kab,Nb}Kab c) Give a critical analysis of the Kao Chow Authentication protocol, reproduced below. Your answer should include analyses of the purposes of each part of the messages, and justify why the protocol can provide authentication of the participants. Construct an attack based on replaying a compromised session key that allows an intruder to impersonate A. [10 marks] (1) A S : A,B,Na (2) S B : {A,B,Na,Kab}Kas,{A,B,Na,Kab}Kbs (3) B A : {A,B,Na,Kab}Kas,{Na}Kab,Nb (4) A B : {Nb}Kab