| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Mon, 17 Nov 2014 18:49:13 +0000 | |
| changeset 314 | e01f55e7485a |
| parent 292 | d2f20e16a45c |
| child 349 | 9f4f626cefea |
| permissions | -rw-r--r-- |
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
1 |
\documentclass{article}
|
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
2 |
\usepackage{../style}
|
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
3 |
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
4 |
\begin{document}
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
5 |
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
6 |
\section*{Homework 5}
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
7 |
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
8 |
\begin{enumerate}
|
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
9 |
\item What can attacker that controls the network do to a communication |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
10 |
between a client and a server? |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
11 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
12 |
\item Before starting a TCP connection, client and servers |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
13 |
perform a three-way handshake. Describe how can this three-way |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
14 |
handshake can be abused by an attacker? |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
15 |
|
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
16 |
\item Consider the following simple mutual authentication protocol: |
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
17 |
|
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
18 |
\begin{center}
|
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
19 |
\begin{tabular}{ll}
|
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
20 |
$A \to B$: & $N_a$\\ |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
21 |
$B \to A$: & $\{N_a, N_b\}_{K_{ab}}$\\
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
22 |
$A \to B$: & $N_b$\\ |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
23 |
\end{tabular}
|
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
24 |
\end{center}
|
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
25 |
|
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
26 |
Explain how an attacker $B'$ can launch an impersonation attack by |
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
27 |
intercepting all messages for $B$ and make $A$ decrypt her own challenges. |
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
28 |
|
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
29 |
\item What is the main problem with the following |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
30 |
authentication protocol where $A$ sends $B$ mutually |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
31 |
shared key? |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
32 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
33 |
\begin{center}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
34 |
$A \to B: K_{AB}$
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
35 |
\end{center}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
36 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
37 |
\item Nonces are unpredicatble random numbers used in protocols? |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
38 |
Consider the following protocol |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
39 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
40 |
\begin{center}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
41 |
\begin{tabular}{ll}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
42 |
$A \to B$: & $N$\\ |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
43 |
$B \to A$: & $\{N + 1\}_{K_{ab}}$\\
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
44 |
\end{tabular}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
45 |
\end{center}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
46 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
47 |
Write down three facts that $A$ can infer after this protocol has been |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
48 |
successfully completed? |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
155
diff
changeset
|
49 |
|
|
284
71136e7964cc
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
276
diff
changeset
|
50 |
\item (\textbf{Deleted}: same as 2) Before starting a TCP connection, client and servers
|
|
252
fa151c0a3cf4
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
51 |
perform a three-way handshake: |
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
52 |
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
53 |
\begin{center}
|
|
252
fa151c0a3cf4
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
54 |
\begin{tabular}{rl}
|
|
fa151c0a3cf4
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
55 |
$A \rightarrow S$: & SYN\\ |
|
fa151c0a3cf4
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
56 |
$S \rightarrow A$: & SYN-ACK\\ |
|
fa151c0a3cf4
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
57 |
$A \rightarrow S$: & ACK\\ |
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
58 |
\end{tabular}
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
59 |
\end{center}
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
60 |
|
|
252
fa151c0a3cf4
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
61 |
How can this protocol be abused causing trouble on the server? |
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
62 |
|
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
63 |
\item Write down a protocol which establishes a secret key |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
64 |
between $A$ and $B$ using a mutually trusted third party $S$. |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
65 |
You can assume $A$ and $S$, respectfully $B$ and $S$, share |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
66 |
secret keys. |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
67 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
68 |
\item Consider the following protocol between a car and a |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
69 |
key transponder: |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
70 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
71 |
\begin{enumerate}
|
|
314
e01f55e7485a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
292
diff
changeset
|
72 |
\item $C$ generates a random number $N$ |
|
e01f55e7485a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
292
diff
changeset
|
73 |
\item $C$ calculates $(F,G) = \{N\}_K$
|
|
e01f55e7485a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
292
diff
changeset
|
74 |
\item $C \to T$: $N, F$ |
|
e01f55e7485a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
292
diff
changeset
|
75 |
\item $T$ calculates $(F',G') = \{N\}_K$
|
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
76 |
\item $T$ checks that $F = F'$ |
|
314
e01f55e7485a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
292
diff
changeset
|
77 |
\item $T \to C$: $N, G'$ |
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
78 |
\item $C$ checks that $G = G'$ |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
79 |
\end{enumerate}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
80 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
81 |
In Step 2 and 4 a message is split into two halves. Explain |
|
292
d2f20e16a45c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
284
diff
changeset
|
82 |
what the purpose of this split is? Assume the key $K$ is shared |
|
d2f20e16a45c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
284
diff
changeset
|
83 |
only between the car and the transponder. Does the protocol |
|
d2f20e16a45c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
284
diff
changeset
|
84 |
achieve that the transponder $T$ authenticates itself to the car |
|
d2f20e16a45c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
284
diff
changeset
|
85 |
$C$? Does the car authenticate itself to the transponder? |
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
86 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
87 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
252
diff
changeset
|
88 |
|
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
89 |
\end{enumerate}
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
90 |
\end{document}
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
91 |
|
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
92 |
%%% Local Variables: |
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
93 |
%%% mode: latex |
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
94 |
%%% TeX-master: t |
|
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
95 |
%%% End: |