An authentication protocol using a key distribution center (KDC) is shown in fig

Question

An authentication protocol using a key distribution center (KDC) is shown in figure. Each user share one and only one key with KDC. The authentication and the exchange of session key between two users happens via KDC. KDC A KDC: IDA, E(KA, [IDB, KAB] KDCB: E(KB, [IDA, KAB]D) For example, if A wants to communicate with B, he creates a session key KAB and indicates to KDC that he wants to speak to B by sending message encrypted by KA. KA is key shared between A and KDC. KDC decrypts this message and creates a new one intended for B, containing IDa and session key between A and B. This message is encrypted with the key common to B and KDC that is KB. 1- Explain why a pirate cannot pretend to be A at KDC 2- Explain why B is sure that the message comes from KDC From which attacks is this protocol not shielded thwart this type of attacks? 4- How can we improve the protocol, without increasing the number of exchanges to

Explanation / Answer

Solution :-

The given authentication between A and B is given below. The key exchange session happens via KDC.

A --> KDC : IDA, E(KA, [IDB, KAB])

KDC --> B : E(KB, [IDA, KAB])

KDC is a key distribution center and host A and B exhanges their session key with the help of KDC. Each host has a shared secret key with the KDC.

1) Any pirate is not able to pretend to be A at the KDC. The reason is that the host A has a secret key KA shared with the KDC. So when the messages encrypted with this key KA then KDC ensures that the sender is host A, and the key is shared to KDC, so KDC able to decrypt the message.

Any unauthorized host or pirate has ot knowledge of the shared key between A and the KDC. When a pirate pretending to be A at the KDC, then KDC sees the message is not encrypted with the host A's shared key. So, it is identiied by the KDC and no other pirate can pretend to KDC.

2) When host B recieves the message form the KDC, this message is encrypted from the secret shared key KB between KDC and the host B. So B knows that the secret key is shared with the KDC only and recieved message is also encrypted with the secret key, therefore host B assures that the message recieved is sent by KDC.

3) This protocol is vulnerable to the replay attacks. Suppose an attacker X intercepts the message of host A sent to KDC. Then X keeps the message with it and send the message to the KDC later on the behalf of A. KDC recieves the message of host A but sent by X. Therefore, attacker X can replay the messages and attacks on the transmission.

4) To handle the above given relay attack the TImestamps can be used in the transmission. The clocks of the sender and reciever are synchronized. Timestamps is used to keep message valid for given time of period. If this message send later, then the reciever matches timestamp and identifies that the timestamp is expired so message is discarded.  

For the given situation of attack, the given protocol can be improived and prevented from the attacks by using the Timestamps.

A --> KDC : IDA, E(KA, [IDB, KAB, TA])

KDC --> B : E(KB, [IDA, KAB, TKDC])

In the improved version of protocol the Host sends a message to the KDC with a timestamp TA. So if the message is intercepted and sent later by the X then KDC observes that the timestamp is ot valid so message is discarded.

In second step the KDC also send a TImestamp TKDC to the host B with the message. So replay of this message will be discarded. Therefore by using the timestamps the attacker X can not be replay the messages. So, the given protocol is improved by use of timestamps in the message exchange.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.