Cryptography Reference
In-Depth Information
as an unprotected timestamp (perhaps just a text stating the time). In this case the
following attack is possible:
1. At 15.00, the attacker sends Alice a request that appears to come from Bob
but has T B set to the time 17.00, which is a time in the future that the attacker
anticipates that Bob will contact Alice.
2. Alice forms a valid reply based on T B being 17.00 and sends it to Bob.
3. The attacker intercepts and blocks the reply from reaching Bob, then stores it.
4. The attacker hits Alice over the head with a blunt instrument. (Less violent
versions of this attack are possible!)
5. At 17.00, Bob sends a genuine request to Alice (recently deceased).
6. The attacker intercepts the request and sends back the previously intercepted
reply from Alice.
7. Bob accepts the reply as genuine (which it is) and assumes that Alice is OK
(which she most definitely is not).
This attack is only possible because, in this example, we allowed the attacker to
'manipulate' T B . By assuming that T B is a timestamp that cannot be manipulated
in such a way, this attack is impossible.
9.3.7 Protocol 6
Protocol 6 is shown in Figure 9.8.
PROTOCOL ASSUMPTIONS
These are the same as the assumptions for Protocol 1, except that the need for
Bob to have a random generator is replaced by:
Alice can generate timestamps that Bob can verify . As part of this assumption
we further require that Alice and Bob have synchronised clocks.
It's Bob, are you OK?
Alice
Bob
T A || Bob || Yes, I'm OK
MAC K ( T A || Bob || Yes, I'm OK )
Figure 9.8. Protocol 6
 
Search WWH ::




Custom Search