2 Symmetric Key Protocol (B)
2 Symmetric Key Protocol (B)
2 Symmetric Key Protocol (B)
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Exercises Applied Cryptography <strong>Protocol</strong>s (31.05.2012)<br />
The exercizes serve two goals. Firstly, they are preparations for the KU examination. Secondly,<br />
they are meant as a help to understand the VO lectures. The Method is at least as<br />
important as the final result.<br />
1 <strong>Symmetric</strong> <strong>Key</strong> <strong>Protocol</strong> (A)<br />
In the following protocol the participants share no secrets. It is used for transmitting data<br />
over an insecure channel. It assumes that encryption is commutative. Show how an attacker<br />
can retrieve M.<br />
A → B : E KA (M) (1)<br />
B → A : E KB (E KA (M)) (2)<br />
A → B : E KB (M) (3)<br />
2 <strong>Symmetric</strong> <strong>Key</strong> <strong>Protocol</strong> (B)<br />
This protocol is intended to distribute a new session key between two principals A and B.<br />
N A , N B , N B ′ are nonces. In the final message (4) the nonce N B ′ is a handshake number to be<br />
used in future messages. What is the problem of this protocol?<br />
A → B : A, E KAB (N A ) (1)<br />
B → A : E KAB (N A + 1, N B ) (2)<br />
A → B : E KAB (N B + 1) (3)<br />
B → A : E KAB (K AB, ′ N B) ′ (4)<br />
3 <strong>Symmetric</strong> <strong>Key</strong> <strong>Protocol</strong>s with Trusted Third Parties (A)<br />
Consider this protocol, explain the purpose of the protocol and show why it is not secure.<br />
A → S : A, B, N A (1)<br />
S → A : E KAS (N A , B, K AB , E KBS (K AB , A)) (2)<br />
A → B : E KBS (K AB , A) (3)<br />
B → A : E KAB (N B ) (4)<br />
A → B : E KAB (N B − 1) (5)<br />
1
Exercises Applied Cryptography <strong>Protocol</strong>s (31.05.2012)<br />
4 <strong>Symmetric</strong> <strong>Key</strong> <strong>Protocol</strong>s with Trusted Third Parties (B)<br />
Consider the following protocol, explain the purpose of the protocol and show why it is not<br />
secure. Hint: Consider that parts of a known message can be reused for a different purpose.<br />
A → B : N, A, B, E KAS (N A , N, A, B) (1)<br />
B → S : N, A, B, E KAS (N A , N, A, B), E KBS (N B , N, A, B) (2)<br />
S → B : N, E KAS (N A , K AB ), E KBS (N B , K AB ) (3)<br />
B → A : N, E KAS (N A , K AB ) (4)<br />
5 <strong>Symmetric</strong> <strong>Key</strong> <strong>Protocol</strong>s with Trusted Third Parties (C)<br />
Consider the following authentication protocol. Explain who is getting authenticated, and<br />
why this protocol is not secure. How can this protocol be fixed?<br />
A → B : A (1)<br />
B → A : N BA (2)<br />
A → B : E KAS (N BA ) (3)<br />
B → S : B, E KBS (A, E KAS (N BA )) (4)<br />
S → B : E KBS (N BA ) (5)<br />
6 Asymmetric <strong>Key</strong> <strong>Protocol</strong><br />
Consider the following key exchange protocol based on an asymmetric cryptosystem (K<br />
A + is<br />
the public key of A, KA − is the private key of A). Explain why this protocol is not secure.<br />
How can the protocol be fixed?<br />
A → S : A, B (1)<br />
S → A : CA, CB (2)<br />
A → B : CA, CB, E K<br />
+ (E<br />
B K<br />
−(K AB , T A )) (3)<br />
A<br />
2