Security Protocols I - Information Security

More documents

Recommendations

Info

Sebastian Mödersheim 13Building a key establishment protocol (7)• Second attempt: assume that S initially shares a secret keysk(U, S) with each user U of the system: S◮ sk(A, S) with A,◮ sk(B, S) with B,1. A, Band encrypts message 2.2. {|K AB |} sk(A,S) , {|K AB |} sk(B,S)• Problems with protocol? A◮ Eavesdropping? No.3. {|K AB |} sk(B,S) , A◮ Perfect cryptography assumption: “encrypted messages mayonly be read by the legitimate recipients who have the keysrequired to decrypt...”While an understanding of cryptographic algorithms is essential for thecorrect design of protocols, the details of the algorithms are often irrelevantand are frequently avoided during both protocol design and analysis. BFMSEC Module 2, v.2 28.09.2009
Sebastian Mödersheim 14Building a key establishment protocol (8)• Problem is not that the protocol gives away the secret key K AB ,but that the information about who else has K AB is not protected.S1. A, B2. {|K AB |} sk(A,S) , {|K AB |} sk(B,S) A3. {|K AB |} sk(B,S) , A B• Intruder could not only be able to eavesdrop on messages sent,but also to capture messages and alter them.<strong>Security</strong> Assumption 2: the intruder is able to interceptmessages on the network and send messages to anybody(under any sender name).FMSEC Module 2, v.2 28.09.2009
Page 1 and 2: Security Protocols IIntroductionSeb
Page 3 and 4: Sebastian Mödersheim 2Good Crypto
Page 5 and 6: Sebastian Mödersheim 4Motivation
Page 7 and 8: Sebastian Mödersheim 6Road map•
Page 9 and 10: Sebastian Mödersheim 8Building a k
Page 11 and 12: Sebastian Mödersheim 1. A, B10Buil
Page 13: Sebastian Mödersheim 1. A, B12Buil
Page 17 and 18: Sebastian Mödersheim 16Building a
Page 19: Sebastian Mödersheim 18Building a
Page 24 and 25: iSebastian Mödersheim 23Building a
Page 32 and 33: Sebastian Mödersheim 31ExerciseCan
Page 34 and 35: Sebastian Mödersheim 33Summary: Co
Page 36 and 37: Sebastian Mödersheim 35Summary: Pr
Page 38 and 39: Sebastian Mödersheim 37An authenti
Page 40 and 41: Sebastian Mödersheim 39Informal Co
Page 42 and 43: Sebastian Mödersheim 41Man-in-the-
Page 44 and 45: Sebastian Mödersheim 43Assumptions
Page 46 and 47: Sebastian Mödersheim 45Examples of
Page 48 and 49: Sebastian Mödersheim 47Type flaw a
Page 50 and 51: Sebastian Mödersheim 49Type flaw a
Page 52 and 53: Sebastian Mödersheim 51Example of
Page 54 and 55: Sebastian Mödersheim 53Example of
Page 56 and 57: Sebastian Mödersheim 55. . . and s
Page 58 and 59: Sebastian Mödersheim 57Prudent eng
Page 60: Sebastian Mödersheim 59Bibliograph

Security Protocols I - Information Security

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?