hws/hw05.tex
author Christian Urban <urbanc@in.tum.de>
Sat, 08 Oct 2016 13:54:14 +0100
changeset 471 97ab057cbd2e
updated

\documentclass{article}
\usepackage{../style}

\begin{document}

\section*{Homework 5}

\HEADER

\begin{enumerate}
\item Imagine you are researching security products
      (e.g.~CCTV, alarms etc.) on a helpful website. They ask
      you for your address details. Think about whether this
      can be bad for you.


\item What can an attacker who controls the network do to a communication
between a client and a server?

\item Before starting a TCP connection, client and server
perform a three-way handshake. Describe how this three-way
handshake can be abused by an attacker.

\item Consider the following simple mutual authentication protocol:

\begin{center}
\begin{tabular}{ll}
$A \to B$: & $N_a$\\  
$B \to A$: & $\{N_a, N_b\}_{K_{ab}}$\\
$A \to B$: & $N_b$\\
\end{tabular}
\end{center}

Explain how an attacker $B'$ can launch an impersonation attack by
intercepting all messages for $B$ and making $A$ decrypt her own challenges.

\item What is the main problem with the following
authentication protocol where $A$ sends $B$ the mutually
shared key?

\begin{center}
$A \to B: K_{AB}$
\end{center}

\item Nonces are unpredictable random numbers used in protocols.
Consider the following protocol:

\begin{center}
\begin{tabular}{ll}
$A \to B$: & $N$\\  
$B \to A$: & $\{N + 1\}_{K_{ab}}$\\
\end{tabular}
\end{center}

Write down three facts that $A$ can infer after this protocol has been
successfully completed.

\item Write down a protocol which establishes a secret key
between $A$ and $B$ using a mutually trusted third party $S$.
You can assume $A$ and $S$, respectively $B$ and $S$, share
secret keys.

\item Consider the following protocol between a car and a
key transponder: 

\begin{enumerate}
\item $C$ generates a random number $N$
\item $C$ calculates $(F,G) = \{N\}_K$
\item $C \to T$: $N, F$
\item $T$ calculates $(F',G') = \{N\}_K$
\item $T$ checks that $F = F'$
\item $T \to C$: $N, G'$
\item $C$ checks that $G = G'$
\end{enumerate}

In Steps 2 and 4 a message is split into two halves. Explain
what the purpose of this split is.  Assume the key $K$ is shared
only between the car and the transponder.  Does the protocol
achieve that the transponder $T$ authenticates itself to the car
$C$? Does the car authenticate itself to the transponder?


\item \POSTSCRIPT
\end{enumerate}
\end{document}
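
Added example, not part of the original homework sheet: a simulation of the car/transponder exchange from the last protocol question, with both sides' messages and checks. As an assumption, HMAC-SHA256 stands in for {N}_K (the protocol only ever recomputes the keyed value, it never decrypts), and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

HALF = 16  # HMAC-SHA256 yields 32 bytes; each half (F or G) is 16 bytes

def keyed_halves(key, nonce):
    """Stand-in for (F, G) = {N}_K (assumption: HMAC-SHA256, not a cipher)."""
    out = hmac.new(key, nonce, hashlib.sha256).digest()
    return out[:HALF], out[HALF:]

class Car:
    def __init__(self, key):
        self.key, self.pending = key, None

    def challenge(self):
        # Steps 1-3: fresh N, compute (F, G), send N and F, hold G back.
        n = secrets.token_bytes(16)
        f, g = keyed_halves(self.key, n)
        self.pending = (n, g)
        return n, f

    def verify(self, n, g_prime):
        # Step 7: the reply must carry the G that belongs to the pending N.
        if self.pending is None or n != self.pending[0]:
            return False
        return hmac.compare_digest(self.pending[1], g_prime)

class Transponder:
    def __init__(self, key):
        self.key = key

    def respond(self, n, f):
        # Steps 4-6: recompute both halves, send G' only if F matches F'.
        f_prime, g_prime = keyed_halves(self.key, n)
        return (n, g_prime) if hmac.compare_digest(f, f_prime) else None

class KeylessTransponder:
    """Constructed counter-case: a device without K that answers anyway."""
    def respond(self, n, f):
        return n, secrets.token_bytes(HALF)

def run(car, transponder):
    n, f = car.challenge()
    reply = transponder.respond(n, f)
    if reply is None:
        return "transponder stayed silent"
    return "car accepted" if car.verify(*reply) else "car rejected"
```

Running `run` with matching keys, with a car holding a different key, and with `KeylessTransponder` shows which check fails in each case.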

%%% Local Variables: 
%%% mode: latex
%%% TeX-master: t
%%% End: