Question
Suppose we are using a three-message mutual authentication protocol, and Alice initiates contact with Bob. Suppose we wish Bob to be a stateless server, and
Suppose we are using a three-message mutual authentication protocol, and Alice initiates contact with Bob. Suppose we wish Bob to be a stateless server, and therefore it is inconvenient to require him to remember the challenge he sent to Alice. Let's modify the exchange so that Alice sends the challenge back to Bob, along with the encrypted challenge. So the protocol is:
Alice to Bob: "I'm Alice" Bob to Alice: R Alice to Bob: R, K_Alice-Bob{R} Is this protocol secure? Why or why not?
Let's modify the protocol from the previous problem so that Bob sends both the challenge and a challenge encrypted with a key that only he knows, to Alice: Alice to Bob: "I'm Alice" Bob to Alice: R, K_Bob(R)
Alice to Bob: K_Bob(R), K_Alice-Bob(R) Is this protocol secure? Why or why not? Is there a simple fix if it is not secure?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Databases Illuminated
Authors: Catherine Ricardo
2nd Edition
1449606008, 978-1449606008
