Question
Authentication is used to verify identities. The Diffie Hellman key exchange may be used to create a secret key that is shared exclusively by two given "parties".
You are to design a protocol that ensures the following properties are true for a network connection between two given end points:
1.) the two parties know each other. (Party "a" knows it is communicating with party "b", and vice versa.)
2.) their communication is secure from eavesdropping. (Third parties, i.e., Dr. Evil, cannot read their communications, but party "a" can read party "b"'s messages, and vice versa.)
There are three primitive operations that you can use when you design your protocol:
1.) encryption
2.) secret key establishment. (A shared key is established at the two end points, that is known only to them. Doctor Evil has no access to this key.)
3.) authentication.
In which order must these operations be performed to ensure your protocol works correctly? What is the name of the attack that can happen when operations are performed in the wrong order, or an operation is omitted? Justify your answer.
Explanation / Answer
The order should be 3,2,1.
A "man-in-the-middle" attack may be done if we choose a wrong order, with the key exchange before authentication. In that case, Dr. Evil can share a key with A pretending to be B, and with B pretending to be A. The Station-to-station key exchange protocol takes care of this.
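The failure described in the answer, and the check that catches it, as an added example that is not part of the original answer. It assumes a toy Diffie-Hellman group and uses an HMAC under a pre-shared long-term key as a stand-in for the signatures used in Station-to-Station; all function and variable names are hypothetical.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # toy prime (Mersenne M127): illustration only, far too small for real use
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    # Hash the raw Diffie-Hellman secret into a fixed-length key.
    return hashlib.sha256(str(pow(peer_pub, priv, P)).encode()).digest()

def tag(auth_key, sender, sender_pub, receiver_pub):
    # Authenticator binding the sender's identity to BOTH exchanged values.
    msg = f"{sender}|{sender_pub}|{receiver_pub}".encode()
    return hmac.new(auth_key, msg, hashlib.sha256).digest()

def exchange(auth_key=None, interceptor=False):
    """One a<->b exchange. Returns (a_key, b_key, evil_keys, accepted)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    e_priv, e_pub = keypair()  # Dr. Evil's value, substituted on the wire
    seen_by_a = e_pub if interceptor else b_pub
    seen_by_b = e_pub if interceptor else a_pub
    accepted = True  # without authentication nothing is ever checked
    if auth_key is not None:
        # Each party tags (own value, value received); Dr. Evil lacks auth_key
        # and can only relay these tags unchanged.
        a_tag = tag(auth_key, "a", a_pub, seen_by_a)
        b_tag = tag(auth_key, "b", b_pub, seen_by_b)
        ok_at_b = hmac.compare_digest(a_tag, tag(auth_key, "a", seen_by_b, b_pub))
        ok_at_a = hmac.compare_digest(b_tag, tag(auth_key, "b", seen_by_a, a_pub))
        accepted = ok_at_a and ok_at_b
    evil_keys = (session_key(e_priv, a_pub), session_key(e_priv, b_pub))
    return (session_key(a_priv, seen_by_a), session_key(b_priv, seen_by_b),
            evil_keys, accepted)

if __name__ == "__main__":
    k = secrets.token_bytes(32)  # constructed long-term authentication key
    for auth in (None, k):
        for mitm in (False, True):
            a, b, evil, ok = exchange(auth, mitm)
            print(f"auth={auth is not None} mitm={mitm} accepted={ok} "
                  f"a==b:{a == b} evil_has_a_key:{evil[0] == a}")
```

With no authenticator, the substituted exchange completes and each party ends up sharing a key with Dr. Evil; with the authenticator, both verifications fail and the session is rejected before any encryption key is used.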