
Suppose Alice wants to communicate with Bob using symmetric key cryptography usi


Question

Suppose Alice wants to communicate with Bob using symmetric key cryptography using a session key K_s. In class, we learned how public-key cryptography can be used to distribute the session key from Alice to Bob. In this question, we explore how the session key can be distributed without public key cryptography using a key distribution center (KDC). The KDC is a server that shares a unique secret symmetric key with each registered user. For Alice and Bob, denote these keys by K_A-KDC and K_B-KDC. Design a scheme that uses the KDC to distribute K_s to Alice and Bob. Your scheme should use three messages to distribute the session key: a message from Alice to the KDC; a message from the KDC to Alice; and finally a message from Alice to Bob. We use the notation K_A-KDC, K_B-KDC, K_s, A, and B to show the messages. The first message is given. What are the second and third messages?

The first message: K_A-KDC(A, B)

The second message?

The third message?

Explanation / Answer

Solution:-

1) The first message is -

KA-KDC (A,B)

This message is sent from Alice to the KDC to request a session key for communicating with Bob. Alice uses KA-KDC to encrypt her communication with the KDC: she sends a message to the KDC saying she (A) wants to communicate with Bob (B). We denote this message KA-KDC (A,B). Alice thus authenticates herself to the KDC by using KA-KDC.

2) The second message is -

KA-KDC(Ks,KB-KDC(A,Ks))

Because the KDC knows the secret keys of all hosts, it uses KA-KDC to decrypt KA-KDC (A,B). The KDC then authenticates Alice. The KDC then generates a one-time session key Ks. This is the shared key value that Alice and Bob will use to perform symmetric encryption when they communicate with each other. This key is referred to as a one-time session key, as Alice and Bob will use this key for only this one session that they are currently setting up. The KDC now needs to inform Alice and Bob of the value of Ks. The KDC thus sends back an encrypted message to Alice containing the following:

Ks, the one-time session key that Alice and Bob will use to communicate

A pair of values, A and Ks, encrypted by the KDC using Bob's key, KB-KDC. We denote this KB-KDC(A,Ks). It is important to note that the KDC is sending Alice not only the value of Ks for her own use, but also an encrypted version of Ks and Alice's name, encrypted using Bob's key. Alice can't decrypt this pair of values in the message as she doesn't know Bob's encryption key, but then she doesn't really need to. Alice will simply forward this encrypted pair of values to Bob (who can decrypt them). These items are put into a message and encrypted using Alice's shared key. The message from the KDC to Alice is thus KA-KDC(Ks,KB-KDC(A,Ks)).

3) The third message is -

KB-KDC(A,Ks)

Alice receives the message from the KDC, verifies it, extracts Ks from the message and saves it. Alice now knows the one-time session key, Ks. Alice also extracts KB-KDC(A,Ks) and forwards this to Bob.

Bob receives this message, decrypts it using KB-KDC, and extracts A and Ks. Bob now knows the one-time session key, Ks, and the person with whom he is sharing this key, A.

This is the sequence of messages exchanged among Alice, Bob and the KDC. Now Alice and Bob can communicate using the session key Ks.
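The three messages above as a runnable sketch, added here as an illustration and not part of the original answer. `seal` and `unseal` are hypothetical helpers that stand in for K(...) using an HMAC-SHA256 encrypt-then-MAC construction meant for teaching only; the keys are constructed, and the KDC is assumed to be told the claimed sender's name alongside message 1.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Keystream from HMAC-SHA256 in counter mode (teaching stand-in, not a vetted cipher).
    ek = hmac.new(key, b"enc", hashlib.sha256).digest()
    blocks = (hmac.new(ek, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _tag(key, data):
    mk = hmac.new(key, b"mac", hashlib.sha256).digest()
    return hmac.new(mk, data, hashlib.sha256).digest()

def seal(key, fields):
    """K(fields): encrypt, then MAC, so the receiver can verify before trusting."""
    nonce, pt = os.urandom(16), json.dumps(fields).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + _tag(key, nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce + ct)):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

# Constructed long-term keys held by the KDC: K_A-KDC and K_B-KDC.
KEYS = {"A": os.urandom(32), "B": os.urandom(32)}

def kdc_handle(claimed_sender, msg1):
    a, b = unseal(KEYS[claimed_sender], msg1)   # only K_A-KDC opens message 1
    if a != claimed_sender:
        raise ValueError("sender mismatch")
    ks = os.urandom(32).hex()                   # one-time session key Ks
    ticket = seal(KEYS[b], [a, ks])             # K_B-KDC(A, Ks)
    return seal(KEYS[a], [ks, ticket.hex()])    # K_A-KDC(Ks, K_B-KDC(A, Ks))

def run():
    msg1 = seal(KEYS["A"], ["A", "B"])          # message 1: K_A-KDC(A, B)
    msg2 = kdc_handle("A", msg1)                # message 2
    ks_alice, ticket_hex = unseal(KEYS["A"], msg2)
    msg3 = bytes.fromhex(ticket_hex)            # message 3, forwarded unopened
    peer, ks_bob = unseal(KEYS["B"], msg3)      # Bob learns A and Ks
    return ks_alice, peer, ks_bob, msg3
```

Calling `unseal(KEYS["A"], msg3)` raises `ValueError`, which matches the point in the answer that Alice cannot read the part encrypted under Bob's key and only forwards it.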
