Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Understanding a problem in Security services and protocols

Posted on 2016-10-05
3
Medium Priority
?
139 Views
Last Modified: 2016-10-07
I know my question is a homework problem and I don't want an answer, I just want to understand how this problem could be solved!
you can give a similar example or show me how to do part of the problem, I will be grateful.

Four Security services: confidentiality (C), Integrity (I), Sender Authentication (A), and Non-Repudiation (NR)

Not: assume that the public key (and its private key) cannot be forged and is authentic. So, if a signature of a message can be verified via the corresponding public key, the sender will not be able to deny having sent the message.

Suppose the following notations are used:
k_1  ,k_2:keys
S:sender
R:receiver
E_k (x):Encryptionof x under k
〖SIG〗_k (x):signature on x under k
X_pri:private key of entity X  
X_pub:public key of entity X  
H:a public secure cryptographic hash function such as SHA-1  
〖PRNG〗_s:a binary stream from a pesudo random number generator seeded with s
||:simple concatenation
M:the message
 
For each protocol use C, I, A and NR to represent the services protocol provides. If the protocol cannot provide any service wire “None”.

      
  1. S generates a random session key s_k  and sends〖 E〗_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )  || (M ⊕〖PRNG 〗_(s_k ) )to R.
  2.      〖 S send y=E〗_(k_1 ) ( x || H(k_(2 ) || x) )  to R.
  3.      S send y=〖〖 E〗_(R_pub ) (x ||  SIG〗_(S_pri ) (H(x))) to R.
  4.      S generates a new symmetric key s_k  and sends y= E_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )|| 〖SIG 〗_(S_pri ) (s_k )|| to 〖 E〗_(s_k ) (x)R.

because the question might not be clear here is an embedded picture .
problem5.png
0
Comment
Question by:Aaeshah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 41832984
1. Message is not encrypted and just obfuscated by random string which is seeded by known public key. Quite low confidentiality.

2. This is symmetric encryption approach. K1 and K2 need to be privy as preshared key with R to make sure no leak of information. So the key exchange need to be strong to ensure the encryption is not compromise revealing "x". The encryption can be fast and for bulk encryption.

3. This is similar to (2) but asymmetric approach is used for digital signature. It would be stronger than (2) but can be slow so normally for shorter "x".

4. Normally for mass user mailing list to send encrypted message. Each user's asymmetric keyset allows more users to be appended using the same symmetric key for encrypting "x". However the end result cryptogram can be huge. Like SMIME.

Overall as long as there is encryption and signature of message, the CI and NR is maintained. It is just a matter of cipher algorithm strength and its keysize used to determine strength level. The A does not really play a big part in the example so far as I see it.. Hope this help.
2
 

Author Comment

by:Aaeshah
ID: 41834168
Thank you for the reply, really helpful.
0
 
LVL 65

Expert Comment

by:btan
ID: 41834583
No worries. Thanks.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes Administrators rights are not enough. These cases call for the SYSTEM account. The process in this article outlines the steps required to execute commands using the SYSTEM account.
Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question