Introduction to Information Security


One-way Authentication Using Symmetric-Key Cryptography



Download 1,39 Mb.
bet40/44
Sana01.04.2022
Hajmi1,39 Mb.
#522548
1   ...   36   37   38   39   40   41   42   43   44
Bog'liq
CSS

One-way Authentication Using Symmetric-Key Cryptography

  • Assume that Alice and Bob share a secret symmetric key, KAB
  • One-way authentication protocol:
    • Alice creates a nonce, NA, and sends it to Bob as a challenge
    • Bob encrypts Alice’s nonce with their secret key and returns the result, Encrypt(NA, KAB), to Alice
    • Alice can decrypt Bob’s response and verify that the result is her nonce
    • A: => B(NA);

      B: => A(Encrypt(NA, KAB));

One-way Authentication Using Symmetric-Key Cryptography

  • Problem: an adversary, Mallory, might be able to impersonate Bob to Alice:
    • Alice sends challenge to Bob (intercepted by Mallory)
    • Mallory does not know KAB and thus cannot create the appropriate response
    • Mallory may be able to trick Bob (or Alice) into creating the appropriate response for her:
    • A: => M(NA);

      M: => B(NN);

      B: => M(Encrypt(NA, KAB));

      M: => A(Encrypt(NA, KAB));

One-way Authentication Using Public-Key Cryptography

  • Alice sends a nonce to Bob as a challenge
  • Bob replies by encrypting the nonce with his private key
  • Alice decrypts the response using Bob’s public key and verify that the result is her nonce
  • A: => B(NA);

    B: => A(Encrypt(NA, BPrivate));

  • Encrypting any message that someone sends as an authentication challenge might not be a good idea

One-way Authentication Using Public-Key Cryptography

  • Another challenge-and-response authentication protocol:
    • Alice performs a computation based on some random numbers (chosen by Alice) and her private key and sends the result to Bob
    • Bob sends Alice a random number (chosen by Bob)
    • Alice makes some computation based on her private key, her random numbers, and the random number received from Bob and sends the result to Bob
    • Bob performs some computations on the various numbers and Alice’s public key to verify that Alice knows her private key
  • Advantage: Alice never encrypts a message chosen by someone else

Download 1,39 Mb.

Do'stlaringiz bilan baham:
1   ...   36   37   38   39   40   41   42   43   44




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish