Cryptography Reference
In-Depth Information
Master A
Slave B
user inputs PIN code
pick IN RAND
IN RAND
−−−−−−−−−−−−−−−−−−−→
user inputs PIN code (or not)
K
init
=
E22
(
PIN
,
IN RAND
)
K
init
=
E22
(
PIN
,
IN RAND
)
C
B
←−−−−−−−−−−−−−−−−−−−
C
B
=
K
unit
⊕
K
init
K
=
C
B
⊕
K
init
K
=
K
unit
Figure 5.12.
A pairing protocol with a device with low capacities.
against attempts to erase frames. Like in GSM, the integrity protection is very poor so
frame authentication is not guaranteed.
5.7
Exercises
Exercise 5.1.
We consider an arbitrary secret function f
of C
challenges to a finite set
R
of R responses. We consider an access control scheme in
which a server picks a challenge uniformly at random in
from a finite set
C
and the client sends the
corresponding response after one f application. Explain how the chance of cheating
increases when looking at access control communications. Describe an attack and
compute its probability of success.
C
Exercise 5.2.
The Kerberos authentication protocol is presented using secret-key en-
cryption function C
K
. Identify the accurate security property which is required here.
(Confidentiality? Integrity? Authentication?)
Search WWH ::
Custom Search