Title | Protocols Practical 1 - Andrew Secure RPC |
---|---|
Author | Vasilka Zheleva |
Course | Identity, Trust, Reputation & Their Applications |
Institution | University of York |
Pages | 1 |
File Size | 38.2 KB |
File Type | |
Total Downloads | 89 |
Total Views | 127 |
exercises...
1
Security Protocols and BAN Logic ITRA Practical Session
P RACTICAL 1: A NDREW S ECURE RPC P ROTOCOL An early version of the Andrew Secure Remote Procedure Call (RPC) Protocol uses an authentication handshake between two principals whenever a client binds to a new server [1]. ′ The handshake is intended to allow a client A to obtain a new session key Kab from a server
B, given that they already share a key Kab . The protocol in standard notation is as follows: Message 1.
A → B : A, {Na}Kab
Message 2.
B → A : {Na + 1, Nb }Kab
Message 3.
A → B : {Nb + 1}Kab
Message 4.
′ , Nb′}Kab B → A : {Kab
where Na, Nb , and Nb′ are nonces. Nb′ is to be used in subsequent communication. In this exercise you will use BAN logic to analyse the protocol. Task 1: Idealise the protocol. Task 2: State the initial assumptions. Task 3: Express protocol goals in BAN logic and perform protocol analysis. Can you identify a weakness of the protocol? Task 4: Demonstrate an attack on the protocol. Can you fix it? Can you suggest an even better improvement that would reduce the total encryption needed? R EFERENCES [1] M. Satyanarayanan, “Integrating security in a large distributed system,” ACM Transactions on Computer Systems, vol. 7, no. 3, 1989, pp. 247-280. [2] M. Burrows, M. Abadi, and R. M. Needham, “A logic of authentication,” ACM Transactions on Computer Systems, vol. 8, no. 1, 1990, pp. 18-36....