Mercurial Mercurial > hg > sen-material / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | gz | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated
authorChristian Urban <christian dot urban at kcl dot ac dot uk>
Tue, 20 Nov 2012 06:45:37 +0000
changeset 78 cd4fde79587e
parent 77 56dbc339ec87
child 79 2eaca58f9bcc
updated
slides08.pdf file | annotate | diff | comparison | revisions
slides08.tex file | annotate | diff | comparison | revisions 
Binary file slides08.pdf has changed
--- a/slides08.tex	Tue Nov 20 06:17:25 2012 +0000
+++ b/slides08.tex	Tue Nov 20 06:45:37 2012 +0000
@@ -371,6 +371,54 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
+\frametitle{Time-Stamps}
+
+The Schroeder-Needham protocol can be fixed by including a time-stamp (e.g., in Kerberos):
+
+\begin{center}
+\begin{tabular}{r@ {\hspace{1mm}}l}
+\bl{$A \rightarrow S :$} & \bl{$A, B, N_A$}\\
+\bl{$S \rightarrow A :$} & \bl{$\{N_A, B, K_{AB},\{K_{AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\
+\bl{$A \rightarrow B :$} & \bl{$\{K_{AB}, A, T_S\}_{K_{BS}} $}\\
+\bl{$B \rightarrow A :$} & \bl{$\{N_B\}_{K_{AB}}$}\\
+\bl{$A \rightarrow B :$} & \bl{$\{N_B-1\}_{K_{AB}}$}\\
+\end{tabular}
+\end{center}\bigskip\pause
+
+but nothing is for free: then you need to synchronise time and possibly become victim to
+timing attacks
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+
+It can also be fixed by including another nonce:
+
+\begin{center}
+\begin{tabular}{r@ {\hspace{1mm}}l}
+\bl{$A \rightarrow B :$} & \bl{$A$}\\
+\bl{$B \rightarrow A :$} & \bl{$\{A, N_B\}_{K_{BS}}$}\\
+\bl{$A \rightarrow S :$} & \bl{$A, B, N_A, \{A, N_B\}_{K_{BS}}$}\\
+\bl{$S \rightarrow A :$} & \bl{$\{N_A, B, K_{AB},\{K_{AB}, A, N_B\}_{K_{BS}} \}_{K_{AS}}$}\\
+\bl{$A \rightarrow B :$} & \bl{$\{K_{AB}, A, N_B\}_{K_{BS}} $}\\
+\bl{$B \rightarrow A :$} & \bl{$\{N_B\}_{K_{AB}}$}\\
+\bl{$A \rightarrow B :$} & \bl{$\{N_B-1\}_{K_{AB}}$}\\
+\end{tabular}
+\end{center}\bigskip\pause
+
+but nothing is for free: then you need to synchronise time and possibly become victim to
+timing attacks
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
 \frametitle{Binding Attacks}
 
 with public-private keys it is important that the public key is \alert{bound} 
@@ -444,7 +492,7 @@
 \begin{itemize}
 \item when it got expensive, some people bought cheaper monthly tickets for a suburban 
 station and a nearby one, and one for the destination and a nearby one
-\item a large investment later all barriers were automatic and tickets can record state
+\item a large investment later all barriers were automatic and tickets could record state
 \end{itemize}}
 
 \only<4>{
sen-material