Solved

Understanding a problem in Security services and protocols

Posted on 2016-10-05
3
98 Views
Last Modified: 2016-10-07
I know my question is a homework problem and I don't want an answer, I just want to understand how this problem could be solved!
you can give a similar example or show me how to do part of the problem, I will be grateful.

Four Security services: confidentiality (C), Integrity (I), Sender Authentication (A), and Non-Repudiation (NR)

Not: assume that the public key (and its private key) cannot be forged and is authentic. So, if a signature of a message can be verified via the corresponding public key, the sender will not be able to deny having sent the message.

Suppose the following notations are used:
k_1  ,k_2:keys
S:sender
R:receiver
E_k (x):Encryptionof x under k
〖SIG〗_k (x):signature on x under k
X_pri:private key of entity X  
X_pub:public key of entity X  
H:a public secure cryptographic hash function such as SHA-1  
〖PRNG〗_s:a binary stream from a pesudo random number generator seeded with s
||:simple concatenation
M:the message
 
For each protocol use C, I, A and NR to represent the services protocol provides. If the protocol cannot provide any service wire “None”.

      
  1. S generates a random session key s_k  and sends〖 E〗_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )  || (M ⊕〖PRNG 〗_(s_k ) )to R.
  2.      〖 S send y=E〗_(k_1 ) ( x || H(k_(2 ) || x) )  to R.
  3.      S send y=〖〖 E〗_(R_pub ) (x ||  SIG〗_(S_pri ) (H(x))) to R.
  4.      S generates a new symmetric key s_k  and sends y= E_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )|| 〖SIG 〗_(S_pri ) (s_k )|| to 〖 E〗_(s_k ) (x)R.

because the question might not be clear here is an embedded picture .
problem5.png
0
Comment
Question by:Aaeshah
  • 2
3 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 41832984
1. Message is not encrypted and just obfuscated by random string which is seeded by known public key. Quite low confidentiality.

2. This is symmetric encryption approach. K1 and K2 need to be privy as preshared key with R to make sure no leak of information. So the key exchange need to be strong to ensure the encryption is not compromise revealing "x". The encryption can be fast and for bulk encryption.

3. This is similar to (2) but asymmetric approach is used for digital signature. It would be stronger than (2) but can be slow so normally for shorter "x".

4. Normally for mass user mailing list to send encrypted message. Each user's asymmetric keyset allows more users to be appended using the same symmetric key for encrypting "x". However the end result cryptogram can be huge. Like SMIME.

Overall as long as there is encryption and signature of message, the CI and NR is maintained. It is just a matter of cipher algorithm strength and its keysize used to determine strength level. The A does not really play a big part in the example so far as I see it.. Hope this help.
2
 

Author Comment

by:Aaeshah
ID: 41834168
Thank you for the reply, really helpful.
0
 
LVL 63

Expert Comment

by:btan
ID: 41834583
No worries. Thanks.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question