Cryptography Reference
In-Depth Information
2
. A common security objective is to send a message from Alice to Bob in such a
way that nobody else can read the message and that Bob can be sure that the
message that he received did indeed come from Alice.
(a) Identify the goals of a simple cryptographic protocol to meet this security
objective.
(b) Specify a simple cryptographic protocol based only on symmetric cryp-
tography designed to meet these goals, including the assumptions, flow,
messages and actions involved in the protocol.
3
. Provide some simple examples of a cryptographic protocol failing to provide
the intended security services that results from a problem with:
(a) the protocol assumptions;
(b) the protocol messages;
(c) the protocol actions.
4
. Design a protocol based on Protocol 1 in Section 9.3.2 that, in addition to the
existing protocol goals, also allows Alice to confirm that Bob is alive.
5
. The security objectives of a cryptographic protocol are for Alice to be able to
send a highly confidential email message to Bob in such a way that:
• Bob can prove to Charlie that the email came from Alice;
• Alice receives confirmation that Bob received the email message.
(a) Determine the protocol goals.
(b) Propose a simple cryptographic protocol (including assumptions, flow,
messages and actions) for achieving these goals.
6
. Let
p
=
23 and
g
=
11 be system-wide parameters for the Diffie-Hellman
protocol.
(a) Show that if Alice chooses
a
4 then, by following
the Diffie-Hellman protocol, both of them establish the same secret value.
(b) What is the largest symmetric key length that Alice and Bob could safely
derive directly from this shared secret?
(c) Explain how attacker Fred can conduct a man-in-the-middle attack using
the value
f
=
3.
7
. Man-in-the-middle attacks do not
=
2 and Bob chooses
b
=
just apply against
the Diffie-Hellman
protocol.
(a) Explain how a man-in-the-middle attack against a generic cryptographic
protocol works.
(b) Is it possible to conduct a meaningful man-in-the-middle attack against
the dynamic password scheme based on challenge-response that we
described in Section 8.5?
8
. For each of the typical AKE protocol goals defined in Section 9.4.1, explain what
might go wrong if an AKE protocol fails to provide that goal.
