Computer Science Homework Solutions
Problem
#9708

Network security

I need detailed answers for these 2 questions.

1.Suppose we wish to use Kerberos for securing electronic mail. The obvious way of accomplishing this is for Alice, when sending a message to Bob, to obtain a ticket for Bob and include that in the email message, and to encrypt and/or integrity-protect the email message using the key in the ticket. The problem with this is that then the KDC would give Alice a quantity encrypted with Bob's password-derived master key, and then Alice could do off-line password guessing. How might Kerberos be extended to secure email without allowing off-line password guessing?
(Hint: Issue human users an extra, unguessable master key for use with mail, and extend the Kerberos protocol to allow Bob to safely obtain his unguessable master key from the KDC.)

2.Assume we are using secret key technology. What is wrong with the following source authentication scheme?
Alice chooses a per-message secret key K, and puts an encrypted version of K in the header for each recipient, (ie Bob and Ted). Next, Alice uses K to compute a MAC on the message, say a DES-CBC residue, or to compute a message digest of K and append it to the message.

(Hint: this works fine for a single recipient, but there is a security problem if Alice sends a multiple-recipient message. Once they receive the message, Bob and Ted know both K and K encrypted with the key they share with Alice. This allows either to forge a message to the other as if it were from Alice.)

Solution
What is this?
By OTA - Overall OTA Rating
Poramate Tarasak, PhD (IP) - 4.9/5
Purchase Cost Now
$2.19 CAD (was ~$3.99)
Included in Download
  • Plain text response
  • Attached file(s):
    • masterkey.doc
$2.19 Instant Download
Add to Cart
Why you can trust BrainMass.com
  • Your Information is Secure
  • Best Online Academic Help Service
  • Students find real academic Success
Related Solutions
  • authentication protocol - Suppose we are using a three-message mutual authentication protocol, and Alice initiates contact with Bob. Suppose we wish Bob to be a stateless server, and therefore it is inconvenient to require him ...
  • 3-DES and RSA - No one has formally “proven” that 3-DES or RSA are “secure”. Given this, what evidence do we have that they are indeed secure Try to explain with your own words (no google or wikipedia).
  • Database security and setup - Describe steps necessary to setup SQL Server security. Define what the database roles are and set them up for a database with import and export permissions. Please provide atleast two screen ...
  • Network security - One can simulate digital signatures using Kerberos. Explain how this can be achieved and carefully outline what functionality of digital signatures can (and cannot) be provided.
  • Information Systems Security Basics - Which is more in line with your thinking: Security policies and procedures should be designed at a point in time and then enforced without modification to prevent arbitrary compromising of any el ...
Browse