Implementing-cryptography-using-python
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Chapter 2 ■ Cryptographic Protocols and Perfect Secrecy 37
establish mutual authentication between two parties, A and B; the protocol
assumes that an adversary may intercept, delay, read, copy, or forge the message
in transit. The protocol also assumes that each party (Alice and Bob) has
received secret keys from a trusted third party (TTP). The protocol uses shared
keys for both the encryption and decryption process.
Use Table 2.1 to analyze the following exchange:
Let us assume that Alice needs to send a communication to Bob. Alice will
need to generate a random number R A and send a message to the TTP:
A➔ TTP(A, B, r A )
The TTP generates a session key K A,B for secure communications between Alice
and Bob and responds to Alice: TTP ➔ A: {r A , B, K A,B , {K A,B , A} KB, TTP } KA, TTP
Alice decrypts the message and extracts K A,B . She confirms that r A is identical
to the number generated by her in the first step; this informs her that the
reply from the TTP is fresh.
Alice sends the message to Bob: A➔B: {K A,B , A} KB, TTP
Bob decrypts the message and obtains K A,B . He then generates a random
number r B and replies to Alice: B ➔ A: {r B } KA,B
Alice decrypts the message and verifies that it contains r B -1.
Table 2.1: Notation of Cryptographic Protocols
NOTATION
A
CA ‐ A
R A
t A
MEANING
Name of A, analogous to B, E, TTP, CA
The certification authority for A
A random value chosen by A
The timestamp generated by A
(m 1, . . . , m n) The concatenation of messages m 1, . . . , m n
A ➔ B: m
K A,B
A sends message m to B
The secret key, only known to A and B
+K A The public key of A
-K A The private key of A
{m} K The message m encrypted with the key K, synonym for E(K, m)
H(m)
A[m]
Cert -CK CA( +K A )
Modification detection code (MDC) over message m, computed with
function H
Shorthand notation for (m, {H(m)} –KA
The certification authority certificate for public key +K A of A, signed with
the private certification key -CK CA
CA<<A>> Shorthand notation for Cert -CK CA( +K A )