yone on the network until the timestamp expires. This is easy to fix. Add the names inside the encrypted message in step (3):

    E_B(S_A(A,B,K,T_A)), S_T(A,K_A), S_T(B,K_B)

Now Bob can't replay the old message to Carol, because it is clearly meant for communication between Alice and Bob.

Woo-Lam
This protocol also uses public-key cryptography [1610,1611]:

(1) Alice sends a message to Trent with her identity and Bob's identity:
    A,B
(2) Trent sends Alice Bob's public key, K_B, signed with Trent's private key, T:
    S_T(K_B)
(3) Alice verifies Trent's signature. Then she sends Bob her name and a random number, encrypted with Bob's public key:
    E_KB(A,R_A)
(4) Bob sends Trent his name, Alice's name, and Alice's random number encrypted with Trent's public key, K_T:
    A,B,E_KT(R_A)
(5) Trent sends Bob Alice's public key, K_A, signed with Trent's private key. He also sends him Alice's random number, a random session key, Alice's name, and Bob's name, all signed with Trent's private key and encrypted with Bob's public key:
    S_T(K_A), E_KB(S_T(R_A,K,A,B))
(6) Bob verifies Trent's signatures. Then he sends Alice the second part of Trent's message from step (5) and a new random number, all encrypted in Alice's public key:
    E_KA(S_T(R_A,K,A,B),R_B)
(7) Alice verifies Trent's signature and her random number. Then she sends Bob the second random number, encrypted in the session key:
    E_K(R_B)
(8) Bob decrypts his random number and verifies that it is unchanged.

Other Protocols

There are many other protocols in the literature. The X.509 protocols are discussed in Section 24.9, KryptoKnight is discussed in Section 24.6, and Encrypted Key Exchange is discussed in Section 22.5. Another new public-key protocol is Kuperee. And work is being done on protocols that use beacons, a trusted node on a network that continuously broadcasts authenticated nonces.

Lessons Learned
There are some important lessons in the previous protocols, both those which have been broken and those which have not: — Many protocols failed because the designers...
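As an added example that is not from the book, the following Python run plays through the eight Woo-Lam messages listed above with all three parties in one process. The public-key operations are modelled structurally and are assumptions of the example, not real cryptography: each principal's private key is a random secret, S_X(...) is an HMAC tag under that secret, and E_X(...) is an envelope that only the holder of key identifier X may open. The point of the model is to make the message contents and the checks at steps (3), (6), (7) and (8) explicit, in particular that the ticket S_T(R_A,K,A,B) binds the session key to Alice's nonce and to both names.

```python
import hashlib
import hmac
import json
import secrets


class Principal:
    """Party with a long-term key pair. Constructed stand-in: `priv` is a random
    secret and `pub` is only a key identifier, so this is not real public-key
    cryptography, just a model of who can sign or open which message."""

    def __init__(self, name):
        self.name = name
        self.priv = secrets.token_bytes(32)
        self.pub = "K_" + name


def sign(signer, *fields):
    """S_X(fields): tag over the fields under the signer's secret, plus key id."""
    fields = list(fields)
    tag = hmac.new(signer.priv, json.dumps(fields).encode(), hashlib.sha256).hexdigest()
    return {"signer": signer.pub, "fields": fields, "tag": tag}


def verify(signer, signed):
    """Verify a signature claimed to be from `signer`; return the signed fields."""
    if signed["signer"] != signer.pub:
        raise ValueError("signature not from " + signer.name)
    expect = hmac.new(signer.priv, json.dumps(signed["fields"]).encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expect, signed["tag"]):
        raise ValueError("bad signature")
    return signed["fields"]


def encrypt(key_id, *fields):
    """E_X(fields): envelope openable only by the holder of key_id (structural model)."""
    return {"to": key_id, "fields": list(fields)}


def decrypt(receiver, env):
    if env["to"] != receiver.pub:
        raise ValueError(receiver.name + " cannot open a message for " + env["to"])
    return env["fields"]


def session_key_id(k):
    """Identifier for symmetric envelopes E_K(...), so K itself stays off the wire."""
    return "K_session_" + hashlib.sha256(k.encode()).hexdigest()[:16]


def woo_lam(alice, bob, trent, directory):
    """Run the eight messages. `directory` is Trent's table name -> Principal.
    Returns the session key as seen by Alice and as seen by Bob."""
    # (1) Alice -> Trent: A, B
    a_name, b_name = alice.name, bob.name
    # (2) Trent -> Alice: S_T(K_B)
    msg2 = sign(trent, directory[b_name].pub)
    # (3) Alice verifies Trent's signature, then sends E_KB(A, R_A)
    (kb,) = verify(trent, msg2)
    ra = secrets.token_hex(16)
    msg3 = encrypt(kb, a_name, ra)
    # (4) Bob -> Trent: A, B, E_KT(R_A)
    peer, ra_seen = decrypt(bob, msg3)
    msg4 = (peer, bob.name, encrypt(trent.pub, ra_seen))
    # (5) Trent -> Bob: S_T(K_A), E_KB(S_T(R_A, K, A, B))
    req_a, req_b, ra_env = msg4
    (ra_t,) = decrypt(trent, ra_env)
    k = secrets.token_hex(16)
    msg5 = (sign(trent, directory[req_a].pub),
            encrypt(directory[req_b].pub, sign(trent, ra_t, k, req_a, req_b)))
    # (6) Bob verifies both signatures and that the ticket names this pair,
    #     keeps K, and forwards the ticket to Alice together with R_B
    (ka,) = verify(trent, msg5[0])
    (ticket,) = decrypt(bob, msg5[1])
    _, bob_k, tkt_a, tkt_b = verify(trent, ticket)
    if (tkt_a, tkt_b) != (peer, bob.name):
        raise ValueError("ticket is not for this pair of parties")
    rb = secrets.token_hex(16)
    msg6 = encrypt(ka, ticket, rb)
    # (7) Alice verifies Trent's signature, her nonce and the names, then sends E_K(R_B)
    ticket_a, rb_seen = decrypt(alice, msg6)
    ra_back, alice_k, tkt_a, tkt_b = verify(trent, ticket_a)
    if ra_back != ra or (tkt_a, tkt_b) != (a_name, b_name):
        raise ValueError("nonce or names in the ticket do not match")
    msg7 = {"to": session_key_id(alice_k), "fields": [rb_seen]}
    # (8) Bob opens E_K(R_B) with his copy of K and checks R_B is unchanged
    if msg7["to"] != session_key_id(bob_k) or msg7["fields"] != [rb]:
        raise ValueError("R_B mismatch")
    return alice_k, bob_k


if __name__ == "__main__":
    a, b, t = Principal("Alice"), Principal("Bob"), Principal("Trent")
    print(woo_lam(a, b, t, {"Alice": a, "Bob": b}))
```

The two name checks (Bob's at step 6, Alice's at step 7) are the same binding that the preceding section added to fix the replay against Carol: a ticket signed for one pair of names cannot be reused for another pair, and Alice additionally ties the ticket to the nonce she chose at step 3.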