hw7-sol_Security

hw7-sol_Security - udaya shankar Page 1 of 4 November 20,...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Page 1 of 4 November 20, 2006 CMSC 414: HW 4 ___________________________________________________________ 1. (text 11.3) In section 11.3.1, we discuss various ways for forming a session key. Remember that R is the challenge sent by Bob to Alice, and A is Alice’s secret, which Bob also knows. Which of the following are secure for a session key? A R {R + A} A {A} A {R} R+A Solution A R is not secure: eavesdropper who discovers it also discovers A. {R + A} A is secure. {R} R+A is secure. {A} A is not secure: it is the same for all sessions. ___________________________________________________________ 2. (text 11.4) Design a variant of Otway-Rees that only has one nonce generated by Alice and one nonce generated by Bob. Explain why it is still as secure. Solution Essentially, replace N C by K A {N A , “A”, “B”} A (Alice) KDC B (Bob) 1 generate nonces N A send [ A, B, K A {N A , A, B} ] to B 2 generate nonce N B send [ K B {N B , K A {N A , A, B}, A, B} ] to KDC 3 invent session key K AB extract N A , N B send [ K A {N A , K AB }, K B {N B , K AB }] to B 4 send K A {N A , K AB } to A 5 send K AB {anything recognizable} to B <-------- A and B establish data session key (eg, (K AB +1){R 1 R 2 } -----> When the KDC extracts N A and N B (step 3), it ensures that B is making the request, that A made the request that B is forwarding inside B’s request, and that A and B want to talk to each other. The nonce N B in B’s ticket ensures that the ticket is freshly created by KDC. The nonce N
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 12/03/2008 for the course CSC 574 taught by Professor Ning during the Spring '04 term at N.C. State.

Page1 / 4

hw7-sol_Security - udaya shankar Page 1 of 4 November 20,...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online