computer network security questions The original three-way authentication proce
Question
Computer network security questions

The original three-way authentication procedure for X.509 illustrated in Figure 14.6c contains a security flaw. The essence of the protocol is as follows:

AB: A(b)

The text of X.509 states that checking timestamps tA and tB is optional for three-way authentication. But consider the following example: Suppose A and B have used the preceding protocol on some previous occasion, and that opponent C has intercepted the preceding three messages. In addition, suppose that timestamps are not used and are all set to 0. Finally, suppose C wishes to impersonate A to B. C initially sends the first captured message to B

B responds, thinking it is talking to A but is actually talking to C:

C meanwhile causes A to initiate authentication with C by some means. As a result, A sends C the following:

C responds to A using the same nonce provided to C by B. A responds with

This is exactly what C needs to convince B that it is talking to A, so C now repeats the incoming message back out to B. So B will believe it is talking to A whereas it is actually talking to C.

1. Suggest a solution to this problem that does not use timestamps. (6 points)
2. Give an argument why your solution is correct. (4 points)

Explanation / Answer
This can be fixed by adding the name B in the signed information for the third message as below:

A -> B: A {rB, B}

This message does not use a timestamp. The argument for the above solution is as follows: By including the new message B and not using a timestamp, both A and B will know that the acknowledgement came from B and A respectively, and hence if any other party C tries to impersonate, the inclusion of the acknowledgement will reveal which source the message came from.
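The check B performs on the third message, in the original form A{rB} and in the form A{rB, B} proposed in the answer, as an added example that is not part of the original question or answer. It assumes an HMAC per party as a stand-in for X.509 signatures; all function names are hypothetical.

```python
import hashlib
import hmac
import os

# Constructed stand-in for X.509 signatures: one HMAC key per party. verify()
# plays the role of checking a signature against the signer's certificate.
KEYS = {name: os.urandom(32) for name in ("A", "B", "C")}

def sign(signer, fields):
    tag = hmac.new(KEYS[signer], "|".join(fields).encode(), hashlib.sha256).digest()
    return {"signer": signer, "fields": tuple(fields), "tag": tag}

def verify(msg, claimed_signer):
    good = sign(claimed_signer, msg["fields"])["tag"]
    return msg["signer"] == claimed_signer and hmac.compare_digest(msg["tag"], good)

def fresh_nonce():
    return os.urandom(8).hex()  # hex, so it can never contain the "|" separator

def a_third_message(peer_nonce, peer, bind_recipient):
    """Message 3 as A signs it when finishing a run with `peer`."""
    fields = (peer_nonce, peer) if bind_recipient else (peer_nonce,)
    return sign("A", fields)

def b_accepts(msg3, r_b, bind_recipient):
    """B's check on message 3 of a run it believes is with A."""
    expected = (r_b, "B") if bind_recipient else (r_b,)
    return verify(msg3, "A") and msg3["fields"] == expected

def relayed_run(bind_recipient):
    """Scenario from the question, timestamps unused: A finishes a run with C
    in which C supplied B's fresh nonce, and that message 3 is shown to B."""
    r_b = fresh_nonce()
    return b_accepts(a_third_message(r_b, "C", bind_recipient), r_b, bind_recipient)

def honest_run(bind_recipient):
    """A really is completing a run with B."""
    r_b = fresh_nonce()
    return b_accepts(a_third_message(r_b, "B", bind_recipient), r_b, bind_recipient)

if __name__ == "__main__":
    for bind in (False, True):
        label = "A{rB, B}" if bind else "A{rB}"
        print(label, "honest:", honest_run(bind), "relayed:", relayed_run(bind))
```

With the recipient name under the signature, the message A produced for its run with C no longer matches what B expects, while an honest run with B still verifies.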