cryptography and Network Security
I need the solutions for the 2 problems of this uploaded file. like;
For the Protocols 1, 2, 3, and 4, given below, determine which of the following five security services are being implemented and which are not implemented. In each case, explain why.
Services:
C Confidentiality,
AS Authentication of the Sender,
AR Authentication of the Receiver,
NS Non-repudiation of the Sender, and
NR Non-repudiation of the Receiver.
The file uploaded has the whole 2 problem Questions
Homework 1
Written Assignment
due by Saturday, September 19, 11:59pm
(submission using Blackboard)
Problem 1
For the Protocols 1, 2, 3, and 4, given below, determine which of the following five security
services are being implemented and which are not implemented.
In each case, explain why. Answers without justification will receive a 50% penalty.
Services:
C Confidentiality,
AS Authentication of the Sender,
AR Authentication of the Receiver,
NS Non-repudiation of the Sender, and
NR Non-repudiation of the Receiver.
Protocol 1
1. A sends to B
A, E(PUB, M), h(M || A || B), B
2. B sends to A
B, h(M || A || B), A
Protocol 2
1. A sends to B
A, E(PUB, M), E(PRA, h(M || A)), B
2. B sends to A
B, E(PUA, h(M || B)), A
Protocol 3
1. A sends to B
A, E(PUB, K), E(K, M), E(PRA, h(M || A)), B
2. B sends to A
B, E(PRB, K || M || B), A
Protocol 4
1. A sends to B
A, M, E(KAB, h(M || A)), B
2. B sends to A
B, h(M || B), A
Notation:
X represents a unique name of the user X, where X=A or B
M means a message
V || W means V concatenated with W
KAB means a secret key shared in advance by A and B
K means a session key, generated at random as a part of a given protocol
E(PUY, Z) means Z encrypted using a public key of Y
E(PRY, Z) means Z encrypted using a private key of Y
E(K, Z) means Z encrypted using a secret key K
Problem 2
Demonstrate that the following constructions for Message Authentication Codes (MACs) do not
fulfill the security requirements of MACs, by describing an efficient (computationally
inexpensive) attack against each scheme.
The description of each attack should contain the equations for m and MACK(m), such
that m’ m, and MACK(m) can be calculated by an attacker without the knowledge of the
secret key K, based on just one valid pair {m, MACK(m)}. Do your best to make m as
much different from m as allowed by the given MAC scheme.
Assume that all underlying cryptographic transformations (i.e., secret key ciphers and hash
functions) are strong, i.e., they fulfill all security requirements specific to the given class of
cryptographic transformations.
Notation:
m1, m2, …, mN = blocks of message m
c1, c2, …, cN, k1, k2, …, kN, X = intermediate variables
IV = initialization vector (a constant sent in clear in the header of the message)
K = a key known only to the sender and receiver
EK(X) = encryption of X with the key K
h(y) = hash value of the message y
|| represents concatenation; represents an XOR operation
for i=1..N means for each integer i between 1 and N
a) X= h(m1 m2 m3 mN)
MACK(m) = EK(X)
b) MACK(m) = EK(h(m1 m2)) EK(h(m3 m4)) EK(h(mN-1 mN))
Assume that N is an even integer.
c) MACK(m) = EK(h(m1||m2) h(m2||m3) h(m3||m4) h(mN-1||mN) h(mN||m1))
d) ki = EK(IV+i-1) for i=1..N
ci = mi ki i for i=1..N
MACK(m) = h(c1 c2 cN/2) || h(cN/2+1 cN/2+2 cN)
Assume that N is an even integer.
e) c0 = IV
ci = mi ki i for i=1..N
ki = EK(ci-1) for i=1..N
MACK(m) = c1 c2 cN
Recommended Reading Assignment
(including material covered during the next lecture)
W. Stallings, Cryptography and Network Security: Principles and Practice,
8th edition:
Chapter 15 Cryptographic Key Management and Distribution
or
7th edition:
Chapter 14 Key Management and Distribution.
