Mercurial Mercurial > hg > sen-material / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hws/hw05.tex
author Christian Urban <christian dot urban at kcl dot ac dot uk>
Mon, 10 Nov 2014 23:28:19 +0000
changeset 302 17890d4b0688
parent 292 d2f20e16a45c
child 314 e01f55e7485a
permissions -rw-r--r--
updated

\documentclass{article}
\usepackage{../style}

\begin{document}

\section*{Homework 5}

\begin{enumerate}
\item What can attacker that controls the network do to a communication
between a client and a server?

\item Before starting a TCP connection, client and servers
perform a three-way handshake. Describe how can this three-way
handshake can be abused by an attacker? 

\item Consider the following simple mutual authentication protocol:

\begin{center}
\begin{tabular}{ll}
$A \to B$: & $N_a$\\  
$B \to A$: & $\{N_a, N_b\}_{K_{ab}}$\\
$A \to B$: & $N_b$\\
\end{tabular}
\end{center}

Explain how an attacker $B'$ can launch an impersonation attack by 
intercepting all messages for $B$ and make $A$ decrypt her own challenges.

\item What is the main problem with the following
authentication protocol where $A$ sends $B$ mutually
shared key?

\begin{center}
$A \to B: K_{AB}$
\end{center}

\item Nonces are unpredicatble random numbers used in protocols? 
Consider the following protocol

\begin{center}
\begin{tabular}{ll}
$A \to B$: & $N$\\  
$B \to A$: & $\{N + 1\}_{K_{ab}}$\\
\end{tabular}
\end{center}

Write down three facts that $A$ can infer after this protocol has been
successfully completed?

\item (\textbf{Deleted}: same as 2) Before starting a TCP connection, client and servers
perform a three-way handshake:

\begin{center}
\begin{tabular}{rl}
$A \rightarrow S$: & SYN\\
$S \rightarrow A$: & SYN-ACK\\
$A \rightarrow S$: & ACK\\
\end{tabular}
\end{center}

How can this protocol be abused causing trouble on the server?

\item Write down a protocol which establishes a secret key
between $A$ and $B$ using a mutually trusted third party $S$.
You can assume $A$ and $S$, respectfully $B$ and $S$, share 
secret keys.

\item Consider the following protocol between a car and a
key transponder: 

\begin{enumerate}
\item $C$ generates a random number $r$
\item $C$ calculates $(F,G) = \{r\}_K$
\item $C \to T$: $r, F$
\item $T$ calculates $(F',G') = \{r\}_K$
\item $T$ checks that $F = F'$
\item $T \to C$: $r, G'$
\item $C$ checks that $G = G'$
\end{enumerate}

In Step 2 and 4 a message is split into two halves. Explain
what the purpose of this split is?  Assume the key $K$ is shared 
only between the car and the transponder.  Does the protocol 
achieve that the transponder $T$ authenticates itself to the car
$C$? Does the car authenticate itself to the transponder?



\end{enumerate}
\end{document}

%%% Local Variables: 
%%% mode: latex
%%% TeX-master: t
%%% End:
sen-material