lecture5

lecture5 - Lecture 5: Protocols - Authentication and Key...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall 2009 Nitesh Saxena * Adopted from a previous lecture by Gene Tsudik 10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 2 Course Admin ± HW3 Problem 3 due Friday midnight ± HW4 will be posted over the weekend ± HW2 grades were posted last night ± Solutions to 1-3 have all been posted ± Midterm is in 2-weeks from now ± Study topics to be posted very soon ± A sample mid-term from previous year will be provided as we approach the mid-term
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 3 Outline of Today’s lecture ± Today we try to put everything together ± Encryption (public-key/private-key) ± MACs ± Signing ± Key-Distribution ± Secure protocols (for secure communication ) ± Authentication ± We studied it somewhat while talking about key distribution ± (Authenticated-) Key Exchange ± Designing secure protocols is hard – we’ll only be able to learn the basics today ± We’ll use the board extensively today – be prepared to take notes 10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 4 Protocol ± A protocol is a set of rules using which two or more entities exchange messages ± It consists of messages and rounds
Background image of page 2
10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 5 Messages and Rounds ± A message is a unit of information send from one entity to other ± A round is a basic unit of protocol time 1. Wake up because of 1. Alarm (or clock) 2. Intial start or 3. Receipt of message(s) from other(s) 2. Compute something 3. Send message(s) to other(s) 4. Repeat 2-3 if needed 5. Wait for message(s) or clock 10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 6 Types of Adversaries ± Passive ± Eavesdrop, delay, drop, replay messages ± Active ± Eavesdrop, delay, drop, replay and modify messages
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 7 Model ± N parties ± Any party can initiate the protocol with any other party ± Each party can be running a number of sessions with any other party at any point 10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 8 Adversary and Security Model ± Different session should use different keys ± Compromise of one session should not lead to the compromise of any other session ± Adversary is an active adversary and a part of the system ± “Simply forwarding” adversary is NOT considered an adversary against the protocol ± Why? ± Message authentication (m’) ± Key exchange
Background image of page 4
10/15/2009 Module 4 - Protocols: Authentication and Key Exchange 9 Properties of a Secure Protocol ± Correctness ± If entities taking part in the protocol behave honestly, (and also if there are no transmission errors) the protocol achieves its desired goal ± In other words, if everything works as expected, does the protocol satisfy its desired goal?
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/18/2009 for the course CS 6813 taught by Professor Saxena during the Fall '09 term at NYU Poly.

Page1 / 20

lecture5 - Lecture 5: Protocols - Authentication and Key...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online