3.12.attacks - More Attacks on Cryptography 3/12/2010 MS...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
More Attacks on Cryptography 3/12/2010
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
M RC4(K) So do I. Here’s a nonce: R I support 128-bit crypto MS Point-to-Point Encryption (MPPE) Client Server If both endpoints support 128-bit crypto: where K = hash(password || R)
Background image of page 2
M RC4(K) So do I. Here’s a nonce: R I support 128-bit crypto MS Point-to-Point Encryption (MPPE) Client Server If both endpoints support 128-bit crypto: where K = hash(password || R) Attack 1: Eavesdropper can try dictionary search on password, given some known plaintext.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
M RC4(K) So do I. Here’s a nonce: R I support 128-bit crypto MS Point-to-Point Encryption (MPPE) Client Server If both endpoints support 128-bit crypto: where K = hash(password || R) Attack 2: Active attacker can tamper with packets by flipping bits, since there is no MAC.
Background image of page 4
M RC4(K) So do I. Here’s a nonce: R I support 128-bit crypto Client Server where K = hash(password || R) Attack 3: Bad guy can replay a prior session, since client doesn’t contribute a nonce. M RC4(K) So do I. Here’s a nonce: R I support 128-bit crypto Client Bad Guy
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
M RC4(K) So do I. Here’s a nonce: R I support 128-bit crypto Client Server where K = hash(password || R)
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 25

3.12.attacks - More Attacks on Cryptography 3/12/2010 MS...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online