User Account

All Pages

Analyze and extend a cryptographic protocol

Assignment Help Theory of Computation
Reference no: EM13728294

Q1:

The goal of this task is to have you analyze and extend a cryptographic protocol. Alice, Bob and Mallory are students of Cryptography. At the beginning of the semester, they have all securely pair-wise exchanged their public keys. While Alice and Bob have become good friends, Mallory is secretly very jealous of Alice and only pretends to be friends with the two.

One day, Alice and Bob meet for a coffee at the end of class. Bob is really happy and tells Alice:

I have designed a new authentication protocol. It's really good, look!

1. B chooses a nonce NB and sends it to A, explicitly indicating sender and receiver:

2. A responds with a nonce NA and a signature:

3. B accepts and replies with a new nonce N'B:

Bob continues: This ensures the following. When the protocol is complete,

1. B can be sure that A created message 2 specifically as a response to B's first message. Thus, it must be A with whom B has executed the protocol!

2. The other way around, A can be sure that she is communicating with B because only B can create the signature in the third message!

Alice knows that authentication protocols can be vulnerable in very subtle ways. She takes a good long look at the protocol and then declares: I am afraid it's broken. An attacker can inject messages such that A would falsely assume she has run the protocol with B, while in fact she was talking to the attacker.

Bob is down-hearted, so Alice takes pity and explains to him why the protocol is vulnerable. Can you do the same?

Use the following attacker model: Assume that Mallory (M) can control all messages in the network, i.e. read, delete, modify etc. She is only limited by the cryptographic functions, which we assume to be perfect. She does not know any party's private keys (except her own).

1.1

Show that the authentication is broken, as Alice claims. Do this by giving a sequence of message exchanges that conform to the protocol specification yet constitute a violation of Bob's second claim. (Note: write down the full message exchange, not just your changes!)

1.2

State precisely which field in which protocol message causes the vulnerability and why. Change the identified field so the authentication property is not violated anymore. Give the new protocol flow.

1.3

The following is a variant of Bob's protocol that adds a weak kind of key establishment:

1. B -> A : B, A, NB, Kpub,A(KB)

2. A -> B : A, B, NA, NB,SigA(NA, NB, B), Kpub,B(KA)

3. B -> A : B, A, NB, NA, SigB(N'B,NA,A)

The shared key is then derived as (KA||KB) (i.e. concatenation). Explain why the key establishment does not meet the criteria for Perfect Forward Secrecy (PFS)

1.4

Show how to enable PFS. Write down the new message flow.

1.5

We said the key establishment is weak in Bob's version (we do not mean the lack of PFS here).

That is because there is a hidden vulnerability in there. Which one? (Say why!)

Reference no: EM13728294

Questions Cloud

The weaknesses and opportunities and threats for that firm : Select one of the "Big 3" automobile companies in the US, or another large US manufacturing firm that interests you. Identify one or more Strengths, Weaknesses, Opportunities and Threats for that firm.
Calculate exercise value of warrants if price of stock : Company Z issued bonds with detachable warrants several years ago. Each warrant allows the holder to purchase one share of stock at $30 per share. The stock has a beta of 1.3. Calculate the exercise value of the warrants if the price of the underlyin..
Develop a list of inquiry questions : After reviewing each of the other team presentations, each student should develop a list of inquiry questions to teams other than their own. Each student should post a minimum of three (3) questions to the other team(s). This will be used by the i..
Explain how technology has advanced each of their businesses : Explain how technology has advanced each of their businesses, leading to growth. Utilize your research and identify the methods these innovators or leaders are using to communicate through technology in an effort to remain relevant in their industr..
Analyze and extend a cryptographic protocol : Analyze and extend a cryptographic protocol. Alice, Bob and Mallory are students of Cryptography -  Show how to enable PFS. Write down the new message flow.
What is the dollar return on the stock investment : Your next assignment is to assume that $10,000 was invested in the stock of General Medical Corporation with the intention of selling after one year. The stock pays no dividends, so the entire return will be based on the price of the stock when sold...
Explain their views of human nature and their worldviews : Explain their views of human nature and their worldviews as expressed in their respective theories. Which aspect of their theory do you think would be different if they were alive and working today?
Case study in l l bean company : Write case study in l.l.bean company 300 words
What are hospitals contribution margin-breakeven point : Your firm, General Hospital is a not-for-profit, acute care facility which has the following cost structure for its inpatient services. Your job is to determine based on your extensive knowledge of Cost behaviour and profit analysis theory and concep..

Reviews

Write a Review

Theory of Computation Questions & Answers

  Finite-state machine design

Create a finite-state machine design to turn your FPGA development board into a simple programmable music box.

  Redundant sequence identi cation

Redundant sequence identi cation

  Compute a shortest superstring

Dynamic programming algorithm to compute a shortest superstring.

  Propositional and predicate logic

Write down a structural induction principle for the PlayTree free type

  Design a syntactic analyzer

Design a syntactic analyzer for the language specified by the grammar

  Design unambiguous grammar to parse expressions

Write a program would read two numbers and then print all numbers between the first and the second, inclusive. Design unambiguous grammar to parse expressions

  Consider a logic function with three outputs

Consider a logic function with three outputs,  A ,  B , and  C , and three inputs,  D ,  E , and  F . The function is defined as follows:  A  is true if at least one input is true,  B  is true

  Considering a single programmed operating system

Considering a single programmed operating system, what is the minimal total time required to complete executions of the two processes? You should explain your answer with a diagram.

  How to construct an nfa

Give a construction that assumes you are given a DFA for L and show how to construct an NFA (with or without ε-moves) to recognize sort(L).

  Equivalence classes to construct minimal dfa for language

How many equivalence classes does this relation have and what are they? Use these equivalence classes to construct the minimal DFA for the language.

  Impact of moore-s law on data center costs

Discuss the impact of Moore's law on data center costs on such things as servers and communications equipment. List at least 3 steps or recommendations your data center can take to offset some or all of the effect of Moore's law.

  Problem encountered in statements in predicate logic

How the problem would be encountered in attempting to represent the following statements in Predicate logic. it should be possible to: John only likes to see French movies.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd