hws/hw05.tex
author Christian Urban <christian dot urban at kcl dot ac dot uk>
Thu, 26 Nov 2015 12:28:10 +0000
changeset 437 08906f4325bb
parent 414 9a3aa8c39951
child 442 cceb3d2dcba0
permissions -rw-r--r--
updated

\documentclass{article}
\usepackage{../style}

\begin{document}

\section*{Homework 5}

\HEADER

\begin{enumerate}
\item What can attacker that controls the network do to a communication
between a client and a server?

\item Before starting a TCP connection, client and servers
perform a three-way handshake. Describe how can this three-way
handshake can be abused by an attacker? 

\item Consider the following simple mutual authentication protocol:

\begin{center}
\begin{tabular}{ll}
$A \to B$: & $N_a$\\  
$B \to A$: & $\{N_a, N_b\}_{K_{ab}}$\\
$A \to B$: & $N_b$\\
\end{tabular}
\end{center}

Explain how an attacker $B'$ can launch an impersonation attack by 
intercepting all messages for $B$ and make $A$ decrypt her own challenges.

\item What is the main problem with the following
authentication protocol where $A$ sends $B$ mutually
shared key?

\begin{center}
$A \to B: K_{AB}$
\end{center}

\item Nonces are unpredicatble random numbers used in protocols.
Consider the following protocol

\begin{center}
\begin{tabular}{ll}
$A \to B$: & $N$\\  
$B \to A$: & $\{N + 1\}_{K_{ab}}$\\
\end{tabular}
\end{center}

Write down three facts that $A$ can infer after this protocol has been
successfully completed?

\item (\textbf{Deleted}: same as 2) Before starting a TCP connection, client and servers
perform a three-way handshake:

\begin{center}
\begin{tabular}{rl}
$A \rightarrow S$: & SYN\\
$S \rightarrow A$: & SYN-ACK\\
$A \rightarrow S$: & ACK\\
\end{tabular}
\end{center}

How can this protocol be abused causing trouble on the server?

\item Write down a protocol which establishes a secret key
between $A$ and $B$ using a mutually trusted third party $S$.
You can assume $A$ and $S$, respectfully $B$ and $S$, share 
secret keys.

\item Consider the following protocol between a car and a
key transponder: 

\begin{enumerate}
\item $C$ generates a random number $N$
\item $C$ calculates $(F,G) = \{N\}_K$
\item $C \to T$: $N, F$
\item $T$ calculates $(F',G') = \{N\}_K$
\item $T$ checks that $F = F'$
\item $T \to C$: $N, G'$
\item $C$ checks that $G = G'$
\end{enumerate}

In Step 2 and 4 a message is split into two halves. Explain
what the purpose of this split is?  Assume the key $K$ is shared 
only between the car and the transponder.  Does the protocol 
achieve that the transponder $T$ authenticates itself to the car
$C$? Does the car authenticate itself to the transponder?



\end{enumerate}
\end{document}

%%% Local Variables: 
%%% mode: latex
%%% TeX-master: t
%%% End: