Homework 4 (due 12-10)
1. Modify the secure authentication protocol in figure below to use a hash function instead of symmetric key encryption. The resulting protocol must still be secure.
2. We want to design a secure mutual authentication protocol based on a shared symmetric key. We also want to establish a session key, and we want to achieve perfect forward secrecy. Design such a protocol that exchanges only two messages?
3. Consider the following protocol, where K=h(S,RA,RB) and CLNT and SRVR are constants and KAB is a shared symmetric key.
(a) Does Alice authenticate Bob? Why or why not?
(b) Does Bob authenticate Alice? Why or why not?
4. The following mutual authentication protocol is based on a shared symmetric key KAB. Show that Trudy can attack the protocol to convince Bob that she is Alice, where we assume that the cryptography is secure. Modify the protocol to prevent such an attack by Trudy.
5. Suppose that in the Fiat-Shmir protocol we have N=55 and Alice’s secret is S=9. What is v? Suppose Alice chooses r=10. What does Alice send in the first message? What does Alice send in the third message, assuming Bob chooses e=0? What does Alice send in the third message, assuming Bob chooses e=1?
6.Developing a secure protocol between two parties to achieve even a simple goal can be very cumbersome. Consider this very simple example.
Romeo lives in Yongin and Juliet lives in Ho Chi Minh city. Romeo wants to send a love letter to Juliet using UPS, but in a way that no one can read it on the way. Romeo buys a lock LRomeo, a key KRomeo and a lockable box. Juliet buys a lock LJuliet and its key KJuliet. Now please help Romeo send the letter in Juliet so only she can read it and they live happily ever after.
Note: 1) The box has to be locked the whole time during transit
2) Romeo’s lock and key are different than Juliet’s lock and key.
3) Total number of
- Box: 1
- Locks: 2
- Keys: 2
7. The following protocol is used to renew a shared secret key between A and B. The old key is denoted KAB. At the end of the protocol, A and B agree on the new key K’AB. Suppose the nonces, the keys, and the node identities (‘A’ and ‘B’), are all 16-byte strings. Note that Mk denotes secure symmetric-key encryption, for example AES with CBS mode.
a) Can A infer the freshness of K’AB? Justify your answer.
b) Can A infer the integrity and authenticity of K’AB? Justify your answer.
c) Consider an active attacker that can inject arbitrary messages into the protocol. Can he make A and B agree on a different key? Justify your answer.
d) How would you enhance the protocol to make it more secure?
8. If a packet filter firewall does not allow reset(RST) packets out, then the TCP ACK scan will not succeed. What are some drawbacks to this approach?
9. An application proxy firewall is able to scan all incoming application data for viruses. It would be more efficient to have each host scan the application data it receives for viruses, since this would distribute the workload among the hosts. Why might it still be preferable to have the application proxy perform this function?
10. Suppose that at the time interval following the results in the table below, Alice’s file use statistics are A0=.05, A1=.25, A2=.25, and A3=.45. Is this normal for Alice? Give the updated values for H0 through H3.