CSC474/574  Information Systems Security
Homework 2 Solutions Sketch
October 24, 2004
1. Problem 3 on page 236 (Multiple KDC Domains)
Alice
→
KDC
A
: let me talk to KDC A
KDC
A
generates key
K
aC
KDC
A
→
KDC
C
:
K
A

C
(talk to Alice; use key K
aC
)
KDC
A
→
Alice
:
K
Alice
(use key
K
aC
)
Alice
→
KDC
C
: let me talk to KDC B
KDC
C
generates key
K
aB
KDC
C
→
KDC
B
:
K
B

C
(talk to Alice at A; use key
K
aB
)
KDC
C
→
Alice
:
K
aC
(use key
K
aB
)
Alice
→
KDC
B
: let me talk to Boris
KDC
B
generates key
K
ab
KDC
B
→
Boris
:
K
Boris
(talk to Alice at A; use key
K
ab
)
KDC
B
→
Alice
:
K
aB
(use key
K
ab
)
2. Problem 2 on page 255 (Eavesdropping)
Let
r
be the no.
of passwords in the list,
q
be the no.
of passwords re
quested on each login, and
s
the no. of logins that have been eavesdropped
on. Then the probability that the eavesdropper knows all
q
passwords for
the next login is approximately [1

(1

q/r
)
s
]
q
. For
q
= 1, the probability
is roughly 1

e

s/r
. For values of s for which this probability is reasonably
small, say
s < r/k
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
This is the end of the preview.
Sign up
to
access the rest of the document.
 Spring '04
 NING
 Alice, Authentication methods, maninthemiddle attack, key KAB, Mutual Authentication, Bob Alice

Click to edit the document details