University of South Florida Signature and Digital Certificate Paper

1- Describe the differences between digital signature and digital certificate.
Digital signature:
These are cryptographic computations that enable a system or a person to authenticate
their documents in a unique way that achieves nonrepudiation. Digital signatures
derive from the fact that in typical public-key encryption schemes, we can
reverse the order in which the encryption and decryption algorithms are applied:
$E_{P_B}(D_{S_B}(M)) = M$.
Digital Certificate:
It is like an identification card, for example a passport or a resident permit. These certificates are
issued by government-recognized authorities. When a person requests a digital certificate,
the recognized authority verifies the personal identity and the purpose behind the requested
certificate. When this certificate is presented to others, they can verify the identity of its owner.
2- Describe the differences between PKI and KDC.
PKI:
Public key infrastructure is a complete algorithm or body which has different modules,
such as key distribution and management, authentication, integrity, confidentiality, availability,
and non-repudiation. The following are some basics about PKI:
• Uses asymmetric cryptography
• The private key is used to authenticate users. The private key is stored on the disk and
maintained by users.
KDC:
KDC is an abbreviation of key distribution center; it is a component in an access control
system. Its main task is to serve user requests for access to resources/systems
by supplying session keys and access tickets. It uses cryptographic techniques to
authenticate users' requests for resource access. When the user authenticates
successfully, it provides the user with a ticket to the target resource/system, which grants the user
access to the required resource.
• Uses symmetric cryptography
• Password used for authentication
3- Describe the differences between symmetric crypto and asymmetric crypto.
Symmetric Crypto:
• Two parties must trust each other.
• Utilizes the same key (one secret key).
• Faster.
• Examples: DES, AES, RC5
Asymmetric Crypto:
• Two parties do not trust each other.
• Utilizes a pair of keys: a public and a private key.
• Slower.
• Examples: RSA, DSA, ECC
4- Explain the reflection attacks against symmetric key based authentication, and explain potential
countermeasures.
Symmetric key:
Symmetric key cryptography is a simple and the most well-known type of cryptography, in which both sender
and receiver share a common secret key in order to perform the encryption and decryption process.
Another name for it is shared key cryptography.
Reflection attack:
An attacker can take a ciphertext c sent from A to B and send it back to A. This again can cause a
mismatch between the two parties’ transcripts of their communication session: A may output a message
m, even though B never sent such a message.
Potential countermeasures:
1) Different keys for initiator and responder; $K_{\text{Alice-Bob}} = K_{\text{Bob-Alice}} + 1$
2) Different Challenges: Alice and Bob’s challenges cannot be the same
3) The initiator should be the first to prove its identity
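Countermeasure 1 in runnable form, as an added example that is not part of the original paper: a constructed model of a three-message challenge-response exchange in which Bob's own answer from a second session is reflected into the first. HMAC-SHA256 stands in for encryption under the shared key, and the class and function names are hypothetical.

```python
import hashlib
import hmac
import os

def f(key: bytes, challenge: bytes) -> bytes:
    """Keyed response to a challenge (stand-in for K{R})."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

def plus_one(key: bytes) -> bytes:
    """Second direction key derived as on the page: K_Alice-Bob = K_Bob-Alice + 1."""
    n = (int.from_bytes(key, "big") + 1) % (1 << (8 * len(key)))
    return n.to_bytes(len(key), "big")

class Bob:
    """Responder. k_init: key the initiator must answer with; k_resp: key Bob answers with."""
    def __init__(self, k_init: bytes, k_resp: bytes):
        self.k_init, self.k_resp = k_init, k_resp
        self.pending = {}                      # session id -> challenge Bob issued

    def msg1(self, sid: str, initiator_challenge: bytes):
        r1 = os.urandom(16)
        self.pending[sid] = r1
        return r1, f(self.k_resp, initiator_challenge)

    def msg3(self, sid: str, response: bytes) -> bool:
        r1 = self.pending.pop(sid)
        return hmac.compare_digest(response, f(self.k_init, r1))

def reflection_succeeds(bob: Bob) -> bool:
    """The caller holds no key: it feeds Bob's challenge back to Bob in a second session."""
    r1, _ = bob.msg1("s1", os.urandom(16))
    _, reflected = bob.msg1("s2", r1)          # Bob answers his own challenge
    return bob.msg3("s1", reflected)

def demo():
    k = os.urandom(32)
    same_key = Bob(k_init=k, k_resp=k)               # one key for both directions
    split_key = Bob(k_init=k, k_resp=plus_one(k))    # countermeasure 1
    return reflection_succeeds(same_key), reflection_succeeds(split_key)

if __name__ == "__main__":
    print(demo())
```

With one key for both directions the reflected response verifies; with direction-specific keys Bob's answer is computed under a key he never accepts from an initiator, so it is rejected.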
5- Alice and Bob use Diffie-Hellman to create two keys k1 and k2. In generating k1, Alice selects
a random number x and computes $S_A = g^x \bmod p$. Bob selects a random number y and computes
$S_B = g^y \bmod p$. Alice and Bob exchange $S_A$ and $S_B$, and k1 = $g^{xy} \bmod p$. In generating k2, Alice
chooses another random number x' but Bob still uses the same random number y. Suppose an
eavesdropper knows that x and x' differ from each other by t (i.e., either x - x' = t or x' - x = t). Given the
knowledge of k1 and a pair of plaintext M and ciphertext C encrypted by k2, can the eavesdropper
find out k2?
Yes, the attacker can find out the key k2 because they have k1 and a pair of plaintext, which is enough for a
brute-force attack. They will find out the pattern, and with the help of the pattern, they can find out the key k2.
That's why the double key is sometimes not so secure: it may produce patterns. An attacker may
find a way to decrypt it. In this case, for example, they can find out the key k2.
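The relation between the two keys can be written out with the question's own symbols: since x' = x ± t and Bob reuses y, k2 = g^(x'y) = k1 · S_B^(±t) mod p, so only two candidates exist and the known (M, C) pair selects between them. The following is an added example, not part of the original paper; the parameters, the message and the `toy_encrypt` stand-in cipher are constructed for illustration.

```python
import hashlib

def toy_encrypt(key: int, msg: bytes) -> bytes:
    """Constructed stand-in cipher: XOR with a SHA-256(key) keystream (<= 32 bytes)."""
    stream = hashlib.sha256(str(key).encode()).digest()
    return bytes(m ^ s for m, s in zip(msg, stream))

def candidates_for_k2(p, s_b, k1, t):
    """k2 = g^(x'y) = g^((x +/- t)y) = k1 * S_B^(+/-t) mod p."""
    shift = pow(s_b, t, p)                       # S_B^t = g^(ty), from public S_B
    return [(k1 * shift) % p, (k1 * pow(shift, -1, p)) % p]

def recover_k2(p, s_b, k1, t, plaintext, ciphertext):
    """The known (M, C) pair is only needed to pick one of the two candidates."""
    for k in candidates_for_k2(p, s_b, k1, t):
        if toy_encrypt(k, plaintext) == ciphertext:
            return k
    return None

def demo(sign=1):
    # Constructed parameters: p is the Mersenne prime 2^127 - 1, g = 3.
    p, g = 2**127 - 1, 3
    x, y, t = 0x1234567890ABCDEF, 0x0FEDCBA987654321, 1000
    x2 = x + sign * t                            # Alice's second exponent x'
    s_b = pow(g, y, p)                           # sent in the clear, reused by Bob
    k1, k2 = pow(s_b, x, p), pow(s_b, x2, p)
    m = b"constructed message"
    c = toy_encrypt(k2, m)
    return k2, recover_k2(p, s_b, k1, t, m, c)

if __name__ == "__main__":
    for sign in (1, -1):
        true_k2, found = demo(sign)
        print(sign, found == true_k2)
```

The relation depends on Bob reusing y: if he draws a fresh exponent for the second exchange, k1 and the new public value no longer combine into k2 this way.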
6- Suppose we are using a three-message mutual authentication protocol, and Alice initiates
contact with Bob. Suppose we wish Bob to be a stateless server, and therefore it is
inconvenient to require him to remember the challenge he sent to Alice. Let’s modify the
exchange so that Alice sends the challenge back to Bob, along with the encrypted challenge.
So the protocol is shown as follows. Is this protocol secure?
No. It is vulnerable to the replay attack. An eavesdropper can replay Alice's messages at any time. In
case Bob remembers his current challenge, he won't realize that the response is to a past challenge. We can
make it secure by Bob sending timestamps as the challenge (assuming the attacker can't replay the messages
quickly enough for the timestamp in the message to be acceptable to Bob).
7- Let’s modify the protocol from the previous problem so that Bob (still stateless) sends both a
challenge, and a challenge encrypted with a key K_Bob that only he knows. Is this protocol
secure?
No. The protocol is insecure, because eavesdropping is possible. If Oscar
listens to the communication and stores the pair (R1, Alice-Bob(R1)), he can authenticate himself to
Bob as Alice using this message (until the protocol is changed). Oscar sends Bob the
message "I am Alice", Bob sends Trudy a random number (which Bob can't remember since he is
stateless), and Oscar sends Bob the captured pair.
8- Suppose Alice and Bob know each other’s public key, and they use the following protocol to
achieve mutual authentication: Alice signs the message M1=“This is Alice” and Bob signs the
message M2=“This is Bob”. Explain the vulnerability.
Mutual authentication with the help of the public key is not a secure protocol. A man-in-the-middle attack
is possible. For a better protocol, Alice should encrypt the message with the private key of Bob and Bob
should encrypt the message with the private key of Alice.
9- Now, suppose Alice and Bob use random numbers to enhance security. Alice signs the
combination of message M1=“This is Alice” and a random number R1, then sends M1, R1, and the
digital signature to Bob; and Bob does a similar thing. Is this secure?
Yes, it is secure. It will produce randomness, so the man-in-the-middle attack will be
impossible.
10- An even trickier question: In a three-message authentication protocol, Alice initiates contact with
Bob. Bob is a stateless server, and thus it is inconvenient for him to remember the challenges sent to
Alice. Assume that Alice and Bob share a key $K_{\text{Alice-Bob}}$ and Bob also has a key $K_{\text{Bob}}$ only known
to himself. The protocol works as follows, where R1 and R2 are random numbers generated by
Alice and Bob, respectively.
a. Does this protocol provide mutual authentication? If yes, why? If no, who cannot authenticate
whom and why?
Yes, this protocol provides mutual authentication on both ends. As we know, both Bob and Alice share a
common key $K_{\text{Alice-Bob}}$. Bob can recognize Alice, and Alice can also confirm Bob with R1 when Alice
is sending a message to Bob. Bob is stateless, but he still has the common key, and R1 plays the integrating
role for the server on Bob's side for authentication.
b. Could a third person, Trudy, impersonate Alice? Describe a possible attack scenario. If it is not
possible, clearly state so and give reasons.
Yes, Trudy can impersonate Alice by R1. In order to do that, she has to send some random number tR1 to Bob.
c. Could Trudy impersonate Bob? Describe a possible attack scenario. If it is not possible, clearly
state so and give reasons.
Yes, Trudy can impersonate Bob only if she gets $K_{\text{Alice-Bob}}$ and also the key of Bob.
11- The expanded Needham-Schroeder Protocol can be shortened to a 6-message protocol without loss
of security by merely removing the 7th message. Why is this true? (Hint: the purpose of the 7th
message is to prove to Bob that he is talking to Alice, but he already knows that. Why?)
It is still true because the 7th message is used for authentication of Alice, but Bob already knows. There will be
no loss of information by removing the 7th message.
