Understanding a problem in Security services and protocols

I know my question is a homework problem and I don't want an answer, I just want to understand how this problem could be solved!
you can give a similar example or show me how to do part of the problem, I will be grateful.

Four Security services: confidentiality (C), Integrity (I), Sender Authentication (A), and Non-Repudiation (NR)

Not: assume that the public key (and its private key) cannot be forged and is authentic. So, if a signature of a message can be verified via the corresponding public key, the sender will not be able to deny having sent the message.

Suppose the following notations are used:
k_1  ,k_2:keys
S:sender
R:receiver
E_k (x):Encryptionof x under k
〖SIG〗_k (x):signature on x under k
X_pri:private key of entity X  
X_pub:public key of entity X  
H:a public secure cryptographic hash function such as SHA-1  
〖PRNG〗_s:a binary stream from a pesudo random number generator seeded with s
||:simple concatenation
M:the message
 
For each protocol use C, I, A and NR to represent the services protocol provides. If the protocol cannot provide any service wire “None”.

      
  1. S generates a random session key s_k  and sends〖 E〗_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )  || (M ⊕〖PRNG 〗_(s_k ) )to R.
  2.      〖 S send y=E〗_(k_1 ) ( x || H(k_(2 ) || x) )  to R.
  3.      S send y=〖〖 E〗_(R_pub ) (x ||  SIG〗_(S_pri ) (H(x))) to R.
  4.      S generates a new symmetric key s_k  and sends y= E_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )|| 〖SIG 〗_(S_pri ) (s_k )|| to 〖 E〗_(s_k ) (x)R.

because the question might not be clear here is an embedded picture .
problem5.png
AaeshahAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
btanConnect With a Mentor Exec ConsultantCommented:
1. Message is not encrypted and just obfuscated by random string which is seeded by known public key. Quite low confidentiality.

2. This is symmetric encryption approach. K1 and K2 need to be privy as preshared key with R to make sure no leak of information. So the key exchange need to be strong to ensure the encryption is not compromise revealing "x". The encryption can be fast and for bulk encryption.

3. This is similar to (2) but asymmetric approach is used for digital signature. It would be stronger than (2) but can be slow so normally for shorter "x".

4. Normally for mass user mailing list to send encrypted message. Each user's asymmetric keyset allows more users to be appended using the same symmetric key for encrypting "x". However the end result cryptogram can be huge. Like SMIME.

Overall as long as there is encryption and signature of message, the CI and NR is maintained. It is just a matter of cipher algorithm strength and its keysize used to determine strength level. The A does not really play a big part in the example so far as I see it.. Hope this help.
2
 
AaeshahAuthor Commented:
Thank you for the reply, really helpful.
0
 
btanExec ConsultantCommented:
No worries. Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.