applied cryptography - protocols, algorithms, and source code in c

The remedy is to make everything explicit 4344 trying

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: yone on the network until the timestamp expires. This is easy to fix. Add the names inside the encrypted message in step (3): EB(SA(A,B,K,TA)),ST(A,KA),ST(B,KB) Now Bob can’t replay the old message to Carol, because it is clearly meant for communication between Alice and Bob. Woo-Lam This protocol also uses public-key cryptography [1610,1611]: (1) Alice sends a message to Trent with her identity and Bob’s identity: A,B (2) Trent sends Alice Bob’s public key, KB, signed with Trent’s private key, T. ST(KB) (3) Alice verifies Trent’s signature. Then she sends Bob her name and a random number, encrypted with Bob’s public key. EKB(A,RA) (4) Bob sends Trent his name, Alice’s name, and Alice’s random number encrypted with Trent’s public key, KT. A,B,EKT(RA) (5) Trent sends Bob Alice’s public key, KA, signed with Trent’s private key. He also sends him Alice’s random number, a random session key, Alice’s name, and Bob’s name, all signed with Trent’s private key and encrypted with Bob’s public key. ST(KA),EKB(ST(RA,K,A,B)) (6) Bob verifies Trent’s signatures. Then he sends Alice the second part of Trent’s message from step (5) and a new random number—all encrypted in Alice’s public key. EKA(ST(RA,K,A,B),RB) (7) Alice verifies Trent’s signature and her random number. Then she sends Bob the second random number, encrypted in the session key. EK(RB) (8) Bob decrypts his random number and verifies that it unchanged. Other Protocols There are many other protocols in the literature. The X.509 protocols are discussed in Section 24.9, KryptoKnight is discussed in Section 24.6, and Encrypted Key Exchange is discussed in Section 22.5. Another new public-key protocol is Kuperee [694]. And work is being done on protocols that use beacons, a trusted node on a network that continuously broadcasts authenticated nonces [783]. Lessons Learned There are some important lessons in the previous protocols, both those which have been broken and those which have not: — Many protocols failed because the designers...
View Full Document

Ask a homework question - tutors are online