Solved

Understanding a problem in Security services and protocols

Posted on 2016-10-05
3
82 Views
Last Modified: 2016-10-07
I know my question is a homework problem and I don't want an answer, I just want to understand how this problem could be solved!
you can give a similar example or show me how to do part of the problem, I will be grateful.

Four Security services: confidentiality (C), Integrity (I), Sender Authentication (A), and Non-Repudiation (NR)

Not: assume that the public key (and its private key) cannot be forged and is authentic. So, if a signature of a message can be verified via the corresponding public key, the sender will not be able to deny having sent the message.

Suppose the following notations are used:
k_1  ,k_2:keys
S:sender
R:receiver
E_k (x):Encryptionof x under k
〖SIG〗_k (x):signature on x under k
X_pri:private key of entity X  
X_pub:public key of entity X  
H:a public secure cryptographic hash function such as SHA-1  
〖PRNG〗_s:a binary stream from a pesudo random number generator seeded with s
||:simple concatenation
M:the message
 
For each protocol use C, I, A and NR to represent the services protocol provides. If the protocol cannot provide any service wire “None”.

      
  1. S generates a random session key s_k  and sends〖 E〗_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )  || (M ⊕〖PRNG 〗_(s_k ) )to R.
  2.      〖 S send y=E〗_(k_1 ) ( x || H(k_(2 ) || x) )  to R.
  3.      S send y=〖〖 E〗_(R_pub ) (x ||  SIG〗_(S_pri ) (H(x))) to R.
  4.      S generates a new symmetric key s_k  and sends y= E_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )|| 〖SIG 〗_(S_pri ) (s_k )|| to 〖 E〗_(s_k ) (x)R.

because the question might not be clear here is an embedded picture .
problem5.png
0
Comment
Question by:Aaeshah
  • 2
3 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 41832984
1. Message is not encrypted and just obfuscated by random string which is seeded by known public key. Quite low confidentiality.

2. This is symmetric encryption approach. K1 and K2 need to be privy as preshared key with R to make sure no leak of information. So the key exchange need to be strong to ensure the encryption is not compromise revealing "x". The encryption can be fast and for bulk encryption.

3. This is similar to (2) but asymmetric approach is used for digital signature. It would be stronger than (2) but can be slow so normally for shorter "x".

4. Normally for mass user mailing list to send encrypted message. Each user's asymmetric keyset allows more users to be appended using the same symmetric key for encrypting "x". However the end result cryptogram can be huge. Like SMIME.

Overall as long as there is encryption and signature of message, the CI and NR is maintained. It is just a matter of cipher algorithm strength and its keysize used to determine strength level. The A does not really play a big part in the example so far as I see it.. Hope this help.
2
 

Author Comment

by:Aaeshah
ID: 41834168
Thank you for the reply, really helpful.
0
 
LVL 62

Expert Comment

by:btan
ID: 41834583
No worries. Thanks.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
Three simple tips to quickly and efficiently back up and protect the contents of your PC and Mac®.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now