Solved

Understanding a problem in Security services and protocols

Posted on 2016-10-05
3
113 Views
Last Modified: 2016-10-07
I know my question is a homework problem and I don't want an answer, I just want to understand how this problem could be solved!
you can give a similar example or show me how to do part of the problem, I will be grateful.

Four Security services: confidentiality (C), Integrity (I), Sender Authentication (A), and Non-Repudiation (NR)

Not: assume that the public key (and its private key) cannot be forged and is authentic. So, if a signature of a message can be verified via the corresponding public key, the sender will not be able to deny having sent the message.

Suppose the following notations are used:
k_1  ,k_2:keys
S:sender
R:receiver
E_k (x):Encryptionof x under k
〖SIG〗_k (x):signature on x under k
X_pri:private key of entity X  
X_pub:public key of entity X  
H:a public secure cryptographic hash function such as SHA-1  
〖PRNG〗_s:a binary stream from a pesudo random number generator seeded with s
||:simple concatenation
M:the message
 
For each protocol use C, I, A and NR to represent the services protocol provides. If the protocol cannot provide any service wire “None”.

      
  1. S generates a random session key s_k  and sends〖 E〗_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )  || (M ⊕〖PRNG 〗_(s_k ) )to R.
  2.      〖 S send y=E〗_(k_1 ) ( x || H(k_(2 ) || x) )  to R.
  3.      S send y=〖〖 E〗_(R_pub ) (x ||  SIG〗_(S_pri ) (H(x))) to R.
  4.      S generates a new symmetric key s_k  and sends y= E_(S_pub ) ( s_k )||〖 E〗_(R_pub ) ( s_k )|| 〖SIG 〗_(S_pri ) (s_k )|| to 〖 E〗_(s_k ) (x)R.

because the question might not be clear here is an embedded picture .
problem5.png
0
Comment
Question by:Aaeshah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 41832984
1. Message is not encrypted and just obfuscated by random string which is seeded by known public key. Quite low confidentiality.

2. This is symmetric encryption approach. K1 and K2 need to be privy as preshared key with R to make sure no leak of information. So the key exchange need to be strong to ensure the encryption is not compromise revealing "x". The encryption can be fast and for bulk encryption.

3. This is similar to (2) but asymmetric approach is used for digital signature. It would be stronger than (2) but can be slow so normally for shorter "x".

4. Normally for mass user mailing list to send encrypted message. Each user's asymmetric keyset allows more users to be appended using the same symmetric key for encrypting "x". However the end result cryptogram can be huge. Like SMIME.

Overall as long as there is encryption and signature of message, the CI and NR is maintained. It is just a matter of cipher algorithm strength and its keysize used to determine strength level. The A does not really play a big part in the example so far as I see it.. Hope this help.
2
 

Author Comment

by:Aaeshah
ID: 41834168
Thank you for the reply, really helpful.
0
 
LVL 63

Expert Comment

by:btan
ID: 41834583
No worries. Thanks.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Office 365 email archive feature and comparison with different 3rd party ? 18 100
ransomware backup 8 128
Certificate error - subdomain? 2 34
Routing Issue 26 57
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question