CSC474/574 - Information Systems Security
Homework 2 Solutions Sketch
October 24, 2004
1. Problem 3 on page 236 (Multiple KDC Domains)
Alice
→
KDC
A
: let me talk to KDC A
KDC
A
generates key
K
aC
KDC
A
→
KDC
C
:
K
A
-
C
(talk to Alice; use key K
aC
)
KDC
A
→
Alice
:
K
Alice
(use key
K
aC
)
Alice
→
KDC
C
: let me talk to KDC B
KDC
C
generates key
K
aB
KDC
C
→
KDC
B
:
K
B
-
C
(talk to Alice at A; use key
K
aB
)
KDC
C
→
Alice
:
K
aC
(use key
K
aB
)
Alice
→
KDC
B
: let me talk to Boris
KDC
B
generates key
K
ab
KDC
B
→
Boris
:
K
Boris
(talk to Alice at A; use key
K
ab
)
KDC
B
→
Alice
:
K
aB
(use key
K
ab
)
2. Problem 2 on page 255 (Eavesdropping)
Let
r
be the no.
of passwords in the list,
q
be the no.
of passwords re-
quested on each login, and
s
the no. of logins that have been eavesdropped
on. Then the probability that the eavesdropper knows all
q
passwords for
the next login is approximately [1
-
(1
-
q/r
)
s
]
q
. For
q
= 1, the probability
is roughly 1
-
e
-
s/r
. For values of s for which this probability is reasonably
small, say
s < r/k
This
preview
has intentionally blurred sections.
Sign up to view the full version.

This is the end of the preview.
Sign up
to
access the rest of the document.
- Spring '04
- NING
- Alice, Authentication methods, man-in-the-middle attack, key KAB, Mutual Authentication, Bob Alice
-
Click to edit the document details