10. An even trickier question: In a three-message authentication protocol, Alice
ID: 3707530 • Letter: 1
Question
10. An even trickier question: In a three-message authentication protocol, Alice initiates contact with Bob. Bob is a stateless server, and thus it is inconvenient for him to remember the challenges sent to Alice. Assume that Alice and Bob share a key KAlice- Bob and Bob also has a key Ksob only known to himself. The protocol works as follows, where R1 and R2 are random numbers generated by Alice and Bob, respectively. I'm Alice, R1 Bob (cannot remember anything from any previous information) Alice I'm Bob, KBob R2), KAlice-Bob (R1+R2), KBobIR2), Kaice BoblR2) a. Does this protocol provide mutual authentication? If yes, why? If no, who cannot b. Could a third person, Trudy, impersonate Alice? Describe a possible attack scenario. c. Could Trudy impersonate Bob? Describe a possible attack scenario. If it is not authenticate whom and why? If it is not possible, clearly state so and give reasons. possible, clearly state so and give reasons.Explanation / Answer
Answer:
(a) Initially mutual verification occurs flanked by Bob and Alice since Bob has the KeyAliceBob. (Bob recognizes Alice)
And Alice can confirm Bob by the chance figure R1 which Alice sends and receive it rear from Bob.
But in case if Bob is powerless to bear in mind KeyAliceBob and R1 which was conventional in preceding step then verification fails at Bob site.
(b) Trudy can mimic Alice by distribution some chance number R1 to Bob.
But as Bob has the KeyAliceBob which Bob sends to Trudy haughty it is Alice. Trudy can attack.
(c) Trudy can impersonate Bob only if he gets the KeyAliceBob as well as the key KBob else he cannot.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.