CS138-lecture-20210511

Network security cont.

RSA cont.


Authentication


ap = authentication protocol (fictional)


Challenge-response mechanism for authentication:

  1. Using a symmetric shared key, \( K_{ab} \)
    1. Alice sends a message to Bob saying “I am Alice”.
    2. Bob generates a random one-time-use nonce and encrypts it with the shared key: \( R = K_{ab}(\text{nonce}) \).
    3. Alice decrypts \( R \) using the symmetric key \( K_{ab} \) and sends the result to Bob.
    4. Bob compares the response with the nonce he generated; if it matches, he authenticates Alice.

This still relies on the transfer of the symmetric key. Also, because both sides hold the same key, Bob can impersonate Alice, and vice versa.
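An added example, not part of the lecture: the four steps above in Python, including a replayed response, a responder with the wrong key, and the point that Bob can compute Alice's answer himself. The lecture names no cipher, so a toy HMAC-SHA256 keystream stands in for \( K_{ab}(\cdot) \); all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def keystream(key: bytes, iv: bytes) -> bytes:
    # Toy stand-in for the cipher K_ab(.) (assumption, not from the lecture).
    return hmac.new(key, iv, hashlib.sha256).digest()[:16]

def encrypt(key: bytes, block: bytes) -> bytes:
    iv = secrets.token_bytes(16)
    return iv + bytes(a ^ b for a, b in zip(block, keystream(key, iv)))

def decrypt(key: bytes, blob: bytes) -> bytes:
    iv, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, keystream(key, iv)))

class Bob:
    def __init__(self, k_ab: bytes):
        self.k_ab = k_ab
        self.pending = {}  # claimed identity -> outstanding nonce

    def challenge(self, claimed: str) -> bytes:
        nonce = secrets.token_bytes(16)       # step 2: fresh random nonce
        self.pending[claimed] = nonce
        return encrypt(self.k_ab, nonce)      # R = K_ab(nonce)

    def verify(self, claimed: str, response: bytes) -> bool:
        nonce = self.pending.pop(claimed, None)   # one-time use
        return nonce is not None and hmac.compare_digest(nonce, response)

def alice_respond(k_ab: bytes, r: bytes) -> bytes:
    return decrypt(k_ab, r)                   # step 3: recover the nonce

def demo():
    k_ab = secrets.token_bytes(32)            # constructed shared key
    bob = Bob(k_ab)
    first = alice_respond(k_ab, bob.challenge("alice"))
    genuine = bob.verify("alice", first)
    bob.challenge("alice")                    # new run, new nonce
    replayed = bob.verify("alice", first)     # old response is stale
    r = bob.challenge("alice")
    wrong_key = bob.verify("alice", alice_respond(secrets.token_bytes(32), r))
    r = bob.challenge("alice")
    # Bob holds K_ab too, so he can compute exactly what Alice would send.
    bob_can_forge = decrypt(bob.k_ab, r) == alice_respond(k_ab, r)
    return genuine, replayed, wrong_key, bob_can_forge

if __name__ == "__main__":
    print(demo())
```

The last value is the limitation noted above: a correct response shows only that the responder holds \( K_{ab} \), not which of the two key holders produced it.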


Here, anyone could create their own public/private key combination to respond to Bob.


The hash of \( m_1 \) should not equal the hash of \( m_2 \); however, it is possible. Read more on MD5.


So instead of Bob asking Alice for her public key, he should ask for her certificate.


Securing e-mail
