ENG 305 Homework 3 Data Security – Digital Signature Assignment

please no plagiarism !!! 0% similarity. I will attach the word file, please solve all question. Also I attach the answers, not sure it's correct or not, please check it, but please try to make it 0% similarity.

Homework 3
Think more carefully when you analyze an authentication protocol design.
1. Describe the differences between digital signature and digital certificate.
2. Describe the differences between PKI and KDC.
3. Describe the differences between symmetric crypto and asymmetric crypto.
4. Explain the reflection attacks against symmetric key based authentication, and
explain potential countermeasures.
5. Alice and Bob use the Diffie-Hellman to create two keys k1 and k2. In generating k1,
Alice selects a random number x and computes SA = g^x mod p. Bob selects a random
number y and computes SB = g^y mod p. Alice and Bob exchange SA and SB, and k1 =
g^(xy) mod p. In generating k2, Alice chooses another random number x’ but Bob still uses
the same random number y. Suppose an eavesdropper knows that x and x’ differ from each
other by t (i.e., either x-x’ = t or x’-x = t). Given the knowledge of k1 and a pair of
plaintext M and ciphertext C encrypted by k2, can the eavesdropper find out k2?
6. Suppose we are using a three-message mutual authentication protocol, and Alice
initiates contact with Bob. Suppose we wish Bob to be a stateless server, and
therefore it is inconvenient to require him to remember the challenge he sent to Alice.
Let’s modify the exchange so that Alice sends the challenge back to Bob, along with
the encrypted challenge. So the protocol is shown as follows. Is this protocol secure?
Alice -> Bob: I’m Alice
Bob -> Alice: R
Alice -> Bob: R, K_Alice_Bob{R}
7. Let’s modify the protocol from the previous problem so that Bob (still stateless) sends
both a challenge, and a challenge encrypted with a key K_Bob that only he knows.
Alice -> Bob: I’m Alice
Bob -> Alice: R, K_Bob{R}
Alice -> Bob: K_Bob{R}, K_Alice_Bob{R}
Is this protocol secure?
8. Suppose Alice and Bob know each other’s public key, and they use the following
protocol to achieve mutual authentication: Alice signs the message M1=“This is
Alice” and Bob signs the message M2=“This is Bob”. Explain the vulnerability.
Alice -> Bob: M1 = “This is Alice”, Alice_Sign(M1)
Bob -> Alice: M2 = “This is Bob”, Bob_Sign(M2)
9. Now, suppose Alice and Bob use random numbers to enhance security. Alice signs
the combination of message M1=“This is Alice” and a random number R1, then send
M1, R1, and digital signature to Bob; and Bob does the similar thing. Is this secure?
Alice -> Bob: M1 = “This is Alice”, R1, Alice_Sign(M1, R1)
Bob -> Alice: M2 = “This is Bob”, R2, Bob_Sign(M2, R2)
10. An even trickier question: In a three-message authentication protocol, Alice initiates
contact with Bob. Bob is a stateless server, and thus it is inconvenient for him to
remember the challenges sent to Alice. Assume that Alice and Bob share a key KAlice-Bob
and Bob also has a key KBob only known to himself. The protocol works as follows,
where R1 and R2 are random numbers generated by Alice and Bob, respectively.
Alice -> Bob: I’m Alice, R1
Bob -> Alice: I’m Bob, KBob{R2}, KAlice-Bob{R1+R2}
Alice -> Bob: KBob{R2}, KAlice-Bob{R2}
(Bob cannot remember anything from any previous information.)

a. Does this protocol provide mutual authentication? If yes, why? If no, who cannot
authenticate whom and why?
b. Could a third person, Trudy, impersonate Alice? Describe a possible attack scenario.
If it is not possible, clearly state so and give reasons.
c. Could Trudy impersonate Bob? Describe a possible attack scenario. If it is not
possible, clearly state so and give reasons.
11. The expanded Needham-Schroeder Protocol can be shortened to a 6-message protocol
without loss of security by merely removing the 7th message. Why is this true? (Hint:
the purpose of the 7th message is to prove to Bob that he is talking to Alice, but he
already knows that. Why?)
HOME WORK-3
1. Describe the difference between digital signature and digital certificate.
Solution:
Digital Signature:
It is a digital code derived using the private key of the specific entity and the contents of an
electronic document. It is always unique to the user as well as to that document. It is mainly
used for file transfer, important document sharing, software distributions etc.
Digital Certificate:
It is nothing but an electronic document certifying the public key of a given entity (human or
machine). It also contains the digital signature of the given certifier. A digitally signed
document is verified using public key of the signer (or the signing entity), thus to trust the
digitally signed document, the public key needs to be certified by a trusted third party which
is known as Certifying Authority in general.
2. Describe the difference between PKI and KDC.
Solution:
PKI:
  • PKI stands for Public Key Infrastructure.
  • It represents asymmetric cryptography.
  • Private key is used to authenticate users.
  • Pre-registration is not required in this case.
  • Each user has a pair of keys: a private key and a public key. The public key is published to users and the private key is kept secret.
KDC:
  • KDC stands for Key Distribution Center.
  • It represents symmetric cryptography.
  • Password is required to authenticate the user.
  • KDC must register each user to be able to have access to the network.
  • Tickets are used for user authentication and tickets are issued via KDC.
3. Describe the difference between symmetric crypto and asymmetric crypto.
Solution:
Symmetric Crypto:
  • Two parties must trust each other.
  • Both parties share the same key or one key is computable from the other.
  • It is typically faster.
  • Examples: DES, AES, RC5
Asymmetric Crypto:
  • Two parties do not trust each other.
  • It has two separate keys: a public and a private key.
  • It is typically slower.
  • Examples: RSA, DSA, ECC
4. Explain the reflection attacks against symmetric key based authentication, and explain
potential countermeasures.
Solution:
Reflection attacks against symmetric key based authentication:
An intruder sends information from ongoing protocol execution back to the originator of
that information. By doing this, one of the participants gets fooled and they generate the
responses for their own challenge. So in order to fool a participant, the intruder runs one or
more concurrent instances of the protocol and interleaves them with the original. In this
case, participant has no idea that he is generating responses for its own challenges.
Potential Countermeasures:
  • By breaking the protocol symmetry, the reflection attacks can be avoided.
  • The initiator should authenticate themselves first.
  • We can provide mutual authentication to avoid reflection attacks.
  • The two parties should do two different things.
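The reflection described above, and the "two parties do two different things" countermeasure, as an added example that is not part of the original homework or its answers. The key, the HMAC-based response function and the `Responder` model are assumptions made for illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key-alice-bob"  # constructed sample key, not from the page

def tag(key, role, challenge, bind_role):
    """Response to a challenge; bind_role=True mixes in who is answering."""
    data = role + b"|" + challenge if bind_role else challenge
    return hmac.new(key, data, hashlib.sha256).digest()

class Responder:
    """Bob's side of a three-message mutual authentication (hypothetical model)."""

    def __init__(self, key, bind_role):
        self.key, self.bind_role = key, bind_role
        self.pending = {}  # session id -> challenge Bob issued

    def hello(self, sid, peer_challenge):
        """Message 2: Bob answers the peer's challenge and issues his own."""
        mine = os.urandom(16)
        self.pending[sid] = mine
        return mine, tag(self.key, b"responder", peer_challenge, self.bind_role)

    def finish(self, sid, response):
        """Message 3: Bob checks the peer's answer to his challenge."""
        expected = tag(self.key, b"initiator", self.pending.pop(sid), self.bind_role)
        return hmac.compare_digest(expected, response)

def honest_login(bob, key):
    """Alice, who knows the key, runs the protocol normally."""
    r_alice = os.urandom(16)
    r_bob, proof = bob.hello("alice-1", r_alice)
    if not hmac.compare_digest(proof, tag(key, b"responder", r_alice, bob.bind_role)):
        return False
    return bob.finish("alice-1", tag(key, b"initiator", r_bob, bob.bind_role))

def reflection_accepted(bob):
    """A peer without the key feeds Bob's challenge back in a second session."""
    r_bob, _ = bob.hello("s1", os.urandom(16))  # session 1: obtain Bob's challenge
    _, reflected = bob.hello("s2", r_bob)       # session 2: Bob answers his own challenge
    return bob.finish("s1", reflected)          # session 1 completed with Bob's own output

if __name__ == "__main__":
    for bind in (False, True):
        bob = Responder(KEY, bind)
        print(bind, honest_login(bob, KEY), reflection_accepted(bob))
```

With `bind_role=False` both directions compute the same function of the challenge, so Bob's own output is accepted; with `bind_role=True` the initiator and responder responses differ and the reflected value fails.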
5. Alice and Bob use the Diffie-Hellman to create two keys k1 and k2. In generating k1,
Alice selects a random number x and computes SA = g^x mod p. Bob selects a random
number y and computes SB = g^y mod p. Alice and Bob exchange SA and SB, and k1 = g^(xy)
mod p. In generating k2, Alice chooses another random number x’ but Bob still uses the
same random number y. Suppose an eavesdropper knows that x and x’ differ from each other
by t (i.e., either x-x’ = t or x’-x = t). Given the knowledge of k1 and a pair of plaintext M
and cipher text C encrypted by k2, can the eavesdropper find out k2?
Solution:
Yes, the eavesdropper can find out k2. Since he has the data about x and x’, he can
effectively intercept k2. Based upon the same data, k1 can too be intercepted since Bob
has utilized the same random number y. Once k1 is intercepted, the eavesdropper
would be able to find out SA and SB. Thus key k2 is additionally compromised.
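The relation between the two keys can be checked numerically: k2 = g^(x’y) = g^((x ± t)y) = k1 · SB^(±t) mod p, where SB is sent in the clear and the pair (M, C) decides the sign. This is an added example, not part of the original homework or its answers; the prime, generator, exponents and the XOR stand-in cipher are constructed assumptions.

```python
import hashlib

# Constructed toy parameters (assumptions for the example, not for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3

def encrypt(key, msg):
    """Stand-in cipher: XOR the message with a SHA-256 keystream of the key."""
    stream = hashlib.sha256(key.to_bytes(16, "big")).digest()
    return bytes(m ^ s for m, s in zip(msg, stream))

def recover_k2(k1, s_b, t, p, plaintext, ciphertext):
    """Derive k2 from k1, the public SB and the known offset t.

    Two candidates exist, k1 * SB^t and k1 * SB^(-t) mod p; the known
    plaintext/ciphertext pair tells which one is k2.
    """
    for sign in (+1, -1):
        # A negative exponent in pow() computes the modular inverse power.
        candidate = (k1 * pow(s_b, sign * t, p)) % p
        if encrypt(candidate, plaintext) == ciphertext:
            return candidate
    return None

def demo(x, y, t, x_is_larger):
    """Run both key agreements and check that k2 is recovered from public data."""
    x2 = x - t if x_is_larger else x + t      # x - x' = t  or  x' - x = t
    s_b = pow(G, y, P)                        # Bob's public value, reused for k2
    k1 = pow(pow(G, x, P), y, P)
    k2 = pow(pow(G, x2, P), y, P)
    m = b"known plaintext M"                  # constructed sample message
    c = encrypt(k2, m)
    return recover_k2(k1, s_b, t, P, m, c) == k2

if __name__ == "__main__":
    print(demo(123456789, 987654321, 42, True), demo(123456789, 987654321, 42, False))
```

The relation disappears when Bob draws a fresh y for the second exchange, because SB from the first run then no longer links k1 to k2.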
6. Suppose we are using a three-message mutual authentication protocol, and Alice
initiates contact with Bob. Suppose we wish Bob to be a stateless server, and therefore
it is inconvenient to require him to remember the challenge he sent to Alice. Let’s
modify the exchange so that Alice sends the challenge back to Bob, along with the
encrypted challenge. So, the protocol is shown as follows. Is this protocol secure?
Solution:
No, this protocol can’t be called secure, as a replay attack occurs in this situation. In the
given three-message mutual authentication protocol, if the attacker wants to reply to
Alice’s message, then he can do it whenever he wants. If Bob doesn’t remember his
current challenge or if the current challenge is going on in Bob’s case, then he won’t be
able to know the response is for a previous challenge. So in order to make it secure, we
need to implement the timestamp concept here, so that if Bob is sending a timestamp as
the challenge, then the attacker would not be able to replay the message quickly enough so
that Bob will accept the timestamp in the message.
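The replay and the timestamp countermeasure described in this answer, as an added example that is not part of the original homework or its answers. HMAC stands in for K_Alice_Bob{R}, and the key, clock values and 30-second window are constructed assumptions.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key-alice-bob"   # constructed sample key
MAX_AGE = 30                              # assumed freshness window in seconds

def k_ab(key, challenge):
    """Stand-in for K_Alice_Bob{R}: a keyed MAC over the challenge."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

def bob_accepts_random(key, r, proof):
    """Stateless Bob with a random R: he can only check that proof matches R."""
    return hmac.compare_digest(k_ab(key, r), proof)

def bob_accepts_timestamp(key, r, proof, now):
    """Stateless Bob whose challenge is his clock value: proof must match and be recent."""
    if not hmac.compare_digest(k_ab(key, r), proof):
        return False
    try:
        issued = int(r.decode("ascii"))
    except ValueError:
        return False
    return 0 <= now - issued <= MAX_AGE

def replay_results():
    """Replay Alice's recorded third message against both variants."""
    t0 = 1_700_000_000                                   # constructed clock value
    r = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed random challenge
    recorded = (r, k_ab(KEY, r))                         # message 3 as seen on the wire
    ts = str(t0).encode()
    recorded_ts = (ts, k_ab(KEY, ts))                    # message 3 when R is a timestamp
    return {
        "random_replay_accepted": bob_accepts_random(KEY, *recorded),
        "timestamp_replay_after_1h": bob_accepts_timestamp(KEY, *recorded_ts, now=t0 + 3600),
        "timestamp_replay_after_5s": bob_accepts_timestamp(KEY, *recorded_ts, now=t0 + 5),
    }

if __name__ == "__main__":
    print(replay_results())
```

The last entry shows the residual exposure: a recorded message is still accepted while it is inside the freshness window, so the window has to be kept short.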
7. Let’s modify the protocol from the previous problem so that Bob (still stateless) sends
both a challenge, and a challenge encrypted with a key K_Bob that only he knows.
Solution:
As the communication has been completely encrypted with Bob’s private key, this
protocol is secure. In this case, first Alice will set up a connection between Alice and
Bob. Then, Bob replies for authentication to Alice with his private key, and then Alice
acknowledges that he will get a reply from Bob with the secret key K_Alice_Bob.
8. Suppose Alice and Bob know each other’s public key, and they use the following
protocol to achieve mutual authentication: Alice signs the message M1=“This is Alice”
and Bob signs the message M2=“This is Bob”. Explain the vulnerability.
Solution:
Here the design is vulnerable, as the attacker will be able to sniff the messages sent by
Bob, since the authentication is done only at the initial setup and there is no authentication
for later messages. This can be attacked from both Alice’s as well as Bob’s side and can be
prevented by use of a timestamp.
9. Now, suppose Alice and Bob use random numbers to enhance security. Alice signs the
combination of message M1=“This is Alice” and a random number R1, then send M1,
R1, and digital signature to Bob; and Bob does the similar thing. Is this secure?
Solution:
This method is more secure as it secures the message from the intruder and also uses
random numbers R1 and R2 for authentication.
10. An even trickier question: In a three-message authentication protocol, Alice initiates
contact with Bob. Bob is a stateless server, and thus it is inconvenient for him to
remember the challenges sent to Alice. Assume that Alice and Bob share a key KAlice-Bob
and Bob also has a key KBob only known to himself. The protocol works as follows,
where R1 and R2 are random numbers generated by Alice and Bob, respectively.
a. Does this protocol provide mutual authentication? If yes, why? If no, who cannot
authenticate whom and why?
b. Could a third person, Trudy, impersonate Alice? Describe a possible attack
scenario. If it is not possible, clearly state so and give reasons.
c. Could Trudy impersonate Bob? Describe a possible attack scenario. If it is
not possible, clearly state so and give reasons.
Solution:
a. Yes, this protocol provides mutual authentication as public key is involved.
b. A third person like Trudy can impersonate Alice as Bob is a stateless machine and
cannot remember previous challenges. So by replay attack Trudy can easily
manipulate Bob.
c. No, Trudy can’t impersonate Bob as Alice can easily distinguish between Bob and
Trudy.
11. The expanded Needham-Schroeder Protocol can be shortened to a 6-message protocol
without loss of security by merely removing the 7th message. Why is this true? (Hint:
the purpose of the 7th message is to prove to Bob that he is talking to Alice, but he
already knows that. Why?)
Solution: Yes, the Expanded Needham Protocol can be reduced to a 6-message protocol
without loss of security, as the KDC sends a ticket to Alice which includes the identity of Bob as
well as a token to Bob which includes the identity of Alice. So, when they authenticate,
they know they are talking to each other.
