09network-crypto - Computer and Network Security c...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Computer and Network Security c circlecopyrt Copyright 2000 R. E. Newman Computer & Information Sciences & Engineering University Of Florida Gainesville, Florida 32611-6120 nemo@cise.ufl.edu Cryptographic Protocols (Pfleeger Ch. 4, Stallings Ch. 10) Distributed Programming and Logic 1 Types of Protocol 1.1 Arbitrated Trusted third party involved vs. Non-arbitrated - only the principals, mutually suspicious 1.1.1 Advantages 1. serialized 2. documented 3. arbitrator has total knowledge 4. often much easier 1.1.2 Disadvantages 1. Trust? 2. Availability 3. Delay 4. Bottleneck 5. Secrecy 1.2 Adjudicated Third party can verify what has happened and determine if one of the parties cheated 1.3 Self-enforcing Either one of the parties can determine and prove that cheating has occurred if it did, as the protocol proceeds 2 What to look for 1. Initial assumptions 2. Trust relationships - who trusts whom, and for what 3. Goals of the protocol 4. Hidden assumptions (trust, keys, etc.) 5. Weaknesses to various forms of attack 6. Requirements on underlying mechanisms (clock, PRNG, crypto) 2 3 Attacks 3.0.1 Interception 3.0.2 Modification 1. Straight modification 2. Cut & Paste 3.0.3 Fabrication 1. chosen plaintext 2. chosen ciphertext 3.0.4 Replay 1. Simple replay 2. Reflection 3. Delay/deferred delivery 3.0.5 Man-in-the-Middle (Bucket Brigade) Network-based Attacks Passive - no alteration - interception only Active - may include interception - Interruption- Modification- Fabrication Figure 1: Basic Network Attacks 3 A B X A B X A B X A B X Protocol Attacks Bucket-Brigade (Man-in-the-Middle) Replay M M Cut&Paste Padding M1 = abc M2 = def M = aec M1 = abc...
View Full Document

This note was uploaded on 01/18/2012 for the course CIS 4930 taught by Professor Staff during the Fall '08 term at University of Florida.

Page1 / 10

09network-crypto - Computer and Network Security c...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online