diff -r 56dbc339ec87 -r cd4fde79587e slides08.tex --- a/slides08.tex Tue Nov 20 06:17:25 2012 +0000 +++ b/slides08.tex Tue Nov 20 06:45:37 2012 +0000 @@ -371,6 +371,54 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] +\frametitle{Time-Stamps} + +The Schroeder-Needham protocol can be fixed by including a time-stamp (e.g., in Kerberos): + +\begin{center} +\begin{tabular}{r@ {\hspace{1mm}}l} +\bl{$A \rightarrow S :$} & \bl{$A, B, N_A$}\\ +\bl{$S \rightarrow A :$} & \bl{$\{N_A, B, K_{AB},\{K_{AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\ +\bl{$A \rightarrow B :$} & \bl{$\{K_{AB}, A, T_S\}_{K_{BS}} $}\\ +\bl{$B \rightarrow A :$} & \bl{$\{N_B\}_{K_{AB}}$}\\ +\bl{$A \rightarrow B :$} & \bl{$\{N_B-1\}_{K_{AB}}$}\\ +\end{tabular} +\end{center}\bigskip\pause + +but nothing is for free: then you need to synchronise time and possibly become victim to +timing attacks + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] + +It can also be fixed by including another nonce: + +\begin{center} +\begin{tabular}{r@ {\hspace{1mm}}l} +\bl{$A \rightarrow B :$} & \bl{$A$}\\ +\bl{$B \rightarrow A :$} & \bl{$\{A, N_B\}_{K_{BS}}$}\\ +\bl{$A \rightarrow S :$} & \bl{$A, B, N_A, \{A, N_B\}_{K_{BS}}$}\\ +\bl{$S \rightarrow A :$} & \bl{$\{N_A, B, K_{AB},\{K_{AB}, A, N_B\}_{K_{BS}} \}_{K_{AS}}$}\\ +\bl{$A \rightarrow B :$} & \bl{$\{K_{AB}, A, N_B\}_{K_{BS}} $}\\ +\bl{$B \rightarrow A :$} & \bl{$\{N_B\}_{K_{AB}}$}\\ +\bl{$A \rightarrow B :$} & \bl{$\{N_B-1\}_{K_{AB}}$}\\ +\end{tabular} +\end{center}\bigskip\pause + +but nothing is for free: then you need to synchronise time and possibly become victim to +timing attacks + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] \frametitle{Binding Attacks} with public-private keys it is important that the public key is \alert{bound} @@ -444,7 +492,7 @@ \begin{itemize} \item when it got expensive, some people bought cheaper monthly tickets for a suburban station and a nearby one, and one for the destination and a nearby one -\item a large investment later all barriers were automatic and tickets can record state +\item a large investment later all barriers were automatic and tickets could record state \end{itemize}} \only<4>{