User Account

All Pages

Analyze and extend a cryptographic protocol

Assignment Help Theory of Computation
Reference no: EM13728294

Q1:

The goal of this task is to have you analyze and extend a cryptographic protocol. Alice, Bob and Mallory are students of Cryptography. At the beginning of the semester, they have all securely pair-wise exchanged their public keys. While Alice and Bob have become good friends, Mallory is secretly very jealous of Alice and only pretends to be friends with the two.

One day, Alice and Bob meet for a coffee at the end of class. Bob is really happy and tells Alice:

I have designed a new authentication protocol. It's really good, look!

1. B chooses a nonce NB and sends it to A, explicitly indicating sender and receiver:

2. A responds with a nonce NA and a signature:

3. B accepts and replies with a new nonce N'B:

Bob continues: This ensures the following. When the protocol is complete,

1. B can be sure that A created message 2 specifically as a response to B's first message. Thus, it must be A with whom B has executed the protocol!

2. The other way around, A can be sure that she is communicating with B because only B can create the signature in the third message!

Alice knows that authentication protocols can be vulnerable in very subtle ways. She takes a good long look at the protocol and then declares: I am afraid it's broken. An attacker can inject messages such that A would falsely assume she has run the protocol with B, while in fact she was talking to the attacker.

Bob is down-hearted, so Alice takes pity and explains to him why the protocol is vulnerable. Can you do the same?

Use the following attacker model: Assume that Mallory (M) can control all messages in the network, i.e. read, delete, modify etc. She is only limited by the cryptographic functions, which we assume to be perfect. She does not know any party's private keys (except her own).

1.1

Show that the authentication is broken, as Alice claims. Do this by giving a sequence of message exchanges that conform to the protocol specification yet constitute a violation of Bob's second claim. (Note: write down the full message exchange, not just your changes!)

1.2

State precisely which field in which protocol message causes the vulnerability and why. Change the identified field so the authentication property is not violated anymore. Give the new protocol flow.

1.3

The following is a variant of Bob's protocol that adds a weak kind of key establishment:

1. B -> A : B, A, NB, Kpub,A(KB)

2. A -> B : A, B, NA, NB,SigA(NA, NB, B), Kpub,B(KA)

3. B -> A : B, A, NB, NA, SigB(N'B,NA,A)

The shared key is then derived as (KA||KB) (i.e. concatenation). Explain why the key establishment does not meet the criteria for Perfect Forward Secrecy (PFS)

1.4

Show how to enable PFS. Write down the new message flow.

1.5

We said the key establishment is weak in Bob's version (we do not mean the lack of PFS here).

That is because there is a hidden vulnerability in there. Which one? (Say why!)

Reference no: EM13728294

Questions Cloud

The weaknesses and opportunities and threats for that firm : Select one of the "Big 3" automobile companies in the US, or another large US manufacturing firm that interests you. Identify one or more Strengths, Weaknesses, Opportunities and Threats for that firm.
Calculate exercise value of warrants if price of stock : Company Z issued bonds with detachable warrants several years ago. Each warrant allows the holder to purchase one share of stock at $30 per share. The stock has a beta of 1.3. Calculate the exercise value of the warrants if the price of the underlyin..
Develop a list of inquiry questions : After reviewing each of the other team presentations, each student should develop a list of inquiry questions to teams other than their own. Each student should post a minimum of three (3) questions to the other team(s). This will be used by the i..
Explain how technology has advanced each of their businesses : Explain how technology has advanced each of their businesses, leading to growth. Utilize your research and identify the methods these innovators or leaders are using to communicate through technology in an effort to remain relevant in their industr..
Analyze and extend a cryptographic protocol : Analyze and extend a cryptographic protocol. Alice, Bob and Mallory are students of Cryptography -  Show how to enable PFS. Write down the new message flow.
What is the dollar return on the stock investment : Your next assignment is to assume that $10,000 was invested in the stock of General Medical Corporation with the intention of selling after one year. The stock pays no dividends, so the entire return will be based on the price of the stock when sold...
Explain their views of human nature and their worldviews : Explain their views of human nature and their worldviews as expressed in their respective theories. Which aspect of their theory do you think would be different if they were alive and working today?
Case study in l l bean company : Write case study in l.l.bean company 300 words
What are hospitals contribution margin-breakeven point : Your firm, General Hospital is a not-for-profit, acute care facility which has the following cost structure for its inpatient services. Your job is to determine based on your extensive knowledge of Cost behaviour and profit analysis theory and concep..

Reviews

Write a Review

Theory of Computation Questions & Answers

  1 produce a report of up to 500 words on the topic talent

1. produce a report of up to 500 words on the topic talent planning in operation. nbspnbspnbspnbsp please ensure that

  Determine if system in a safe state-share nine tape drives

There are four processes that are going to share nine tape drives. Their current and maximum number of allocation numbers. Is system in a safe state? Explain why or why not?

  The roommate problem and intern assignment problem

Implementation of both the algorithms using C/C++ code 1. roommates problem 2. Intern Problem

  Translate the following english sentences into symbolic

translate the following english sentences into symbolic logic propositions. all variables are quantified over the set

  Scrum vs plan-based software development strategies

Develop a visual rendering of each approach using Microsoft Visio or its open source alternative, Dia. Note: The graphically depicted solution is not included in the required page length.

  You have to design a syntactic analyzer for the language

you have to design a syntactic analyzer for the language specified by the grammar below. we are using the following

  State the contrapositive statement

If the product of two integers is not divisible by some integer n then neither integer is divisible by n - State the contrapositive statement (in words).

  Write grammar for language consisting of strings

Write a grammar for the language consisting of strings that have n copies of the letter a followed by same number of copies of the letter b, where n>0

  How does the cell phone help children to communicate

How does the cell phone help children to communicate and are the parents usually encouraging their children to communicate by cell phone?

  Discuss the pros and cons of executive compensation is

discuss the pros and cons of executive compensation. is executive compensation to u.s. ceos too excessive or

  Write an unambiguous grammar

Write an unambiguous grammar for the given languages- You have to prepare unambiguous grammar for the above languages. Please help! I am stuck on this question

  Decrypt the message without computing bobs private key

Decrypt the message without computing Bobs private key. Just look at the cipher text and use the fact that there are only very few masking keys and a bit of guesswork.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd