Cryptography Reference
In-Depth Information
Communication delays
. It is inevitable that there will be some degree of
communication delay between Alice sending, and Bob receiving, a message.
This tends to be negligible compared to clock drift and can also be managed
using windows of acceptability.
Integrity of clock-based data
. Bob will normally require some kind of assurance
that the timestamp received from Alice is correct. This can be provided by
conventional cryptographic means, for example using a MAC or a digital
signature. However, such an assurance can only be provided when Bob has
access to the cryptographic key required to verify the timestamp.
8.2.2
Sequence numbers
In applications where clock-basedmechanisms are not appropriate, an alternative
mechanism is to use
logical
time. Logical time maintains a notion of the order
in which messages or sessions occur and is normally instantiated by a
counter
or
sequence number
.
The idea is best illustrated by means of an example. Suppose Alice and Bob
regularly communicate with one another and wish to ensure that messages that
they exchange are fresh. Alice can do this by maintaining two sequence numbers
for communicating with Bob, which are counters denoted by
N
AB
and
N
BA
. Alice
uses sequence number
N
AB
as a counter for messages that she sends to Bob, and
sequence number
N
BA
as a counter for messages that she receives from Bob. Both
sequence numbers work in the same way. We illustrate the case of
N
AB
.
When Alice sends a message to Bob:
1. Alice looks up her database to find the latest value of the sequence number
N
AB
. Suppose that at this moment in time
N
AB
=
T
new
.
2. Alice sends her message to Bob along with the latest sequence number value,
which is
T
new
.
3. Alice increments the sequence number
N
AB
by one (in other words, she sets
N
AB
=
1) and stores the updated value on her database. This updated
value will be the sequence number that she uses next time that she sends a
message to Bob.
When Bob receives the message from Alice:
4. Bob compares the sequence number
T
new
sent by Alice with the most recent
value of the sequence number
N
AB
on his database. Suppose this is
N
AB
=
T
old
.
5. If
T
new
>
T
old
then Bob accepts the latest message as fresh and he updates his
stored value of
N
AB
from
T
old
to
T
new
.
6. If
T
new
≤
T
old
then Bob rejects the latest message fromAlice as not being fresh.
This is just one example of the way in which sequence numbers can work. The
basic principle is that messages are only accepted as fresh if the latest sequence
number has not been used before. The simplest way of doing this is to make sure
that, each time a new message is sent, the sequence number is increased.
T
new
+
