Protocols Practical 1 - Andrew Secure RPC PDF

Title Protocols Practical 1 - Andrew Secure RPC
Author Vasilka Zheleva
Course Identity, Trust, Reputation & Their Applications
Institution University of York


Security Protocols and BAN Logic ITRA Practical Session

PRACTICAL 1: ANDREW SECURE RPC PROTOCOL

An early version of the Andrew Secure Remote Procedure Call (RPC) Protocol uses an authentication handshake between two principals whenever a client binds to a new server [1]. The handshake is intended to allow a client A to obtain a new session key Kab′ from a server B, given that they already share a key Kab. The protocol in standard notation is as follows:

Message 1. A → B : A, {Na}Kab

Message 2. B → A : {Na + 1, Nb}Kab

Message 3. A → B : {Nb + 1}Kab

Message 4. B → A : {Kab′, Nb′}Kab

where Na, Nb, and Nb′ are nonces. Nb′ is to be used in subsequent communication.

In this exercise you will use BAN logic to analyse the protocol.

Task 1: Idealise the protocol.
Task 2: State the initial assumptions.
Task 3: Express protocol goals in BAN logic and perform protocol analysis. Can you identify a weakness of the protocol?
Task 4: Demonstrate an attack on the protocol. Can you fix it? Can you suggest an even better improvement that would reduce the total encryption needed?

REFERENCES

[1] M. Satyanarayanan, “Integrating security in a large distributed system,” ACM Transactions on Computer Systems, vol. 7, no. 3, 1989, pp. 247-280.
[2] M. Burrows, M. Abadi, and R. M. Needham, “A logic of authentication,” ACM Transactions on Computer Systems, vol. 8, no. 1, 1990, pp. 18-36.
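An honest run of Messages 1 to 4 of the handshake above, showing what each principal decrypts and checks at each step. This is an added example, not part of the original practical sheet; the functions `enc`, `dec`, `inc` and `handshake` are hypothetical names, and `{X}Kab` is modelled by a toy encrypt-then-MAC built from SHA-256 over 128-bit fields, which is an assumption and not the cipher Andrew used.

```python
import hashlib, hmac, secrets

def _ks(key: bytes, iv: bytes, n: int) -> bytes:
    # Toy keystream: SHA-256 in counter mode (assumed stand-in cipher).
    blocks = (hashlib.sha256(b"enc" + key + iv + bytes([i])).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def enc(key: bytes, *fields: int) -> bytes:
    """Stand-in for {fields}key: each field is a 128-bit integer."""
    pt = b"".join(f.to_bytes(16, "big") for f in fields)
    iv = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(pt, _ks(key, iv, len(pt))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def dec(key: bytes, blob: bytes) -> list:
    """Return the fields, or raise if blob was not produced under key."""
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("not encrypted under this key")
    pt = bytes(c ^ k for c, k in zip(ct, _ks(key, iv, len(ct))))
    return [int.from_bytes(pt[i:i + 16], "big") for i in range(0, len(pt), 16)]

def inc(n: int) -> int:
    return (n + 1) % 2**128  # "N + 1" on a 128-bit nonce

def handshake(kab: bytes):
    """Honest run; returns (A's view, B's view) of the pair (Kab', Nb')."""
    na = secrets.randbits(128)
    m1 = ("A", enc(kab, na))                  # Message 1: A -> B : A, {Na}Kab
    (na_b,) = dec(kab, m1[1])                 # B recovers Na
    nb = secrets.randbits(128)
    m2 = enc(kab, inc(na_b), nb)              # Message 2: B -> A : {Na + 1, Nb}Kab
    na1, nb_a = dec(kab, m2)
    if na1 != inc(na):                        # A checks its own nonce came back
        raise ValueError("Message 2: Na + 1 mismatch")
    m3 = enc(kab, inc(nb_a))                  # Message 3: A -> B : {Nb + 1}Kab
    (nb1,) = dec(kab, m3)
    if nb1 != inc(nb):                        # B checks its own nonce came back
        raise ValueError("Message 3: Nb + 1 mismatch")
    new_key, nb_prime = secrets.randbits(128), secrets.randbits(128)
    m4 = enc(kab, new_key, nb_prime)          # Message 4: B -> A : {Kab', Nb'}Kab
    a_view = tuple(dec(kab, m4))              # A decrypts and stores Kab', Nb'
    return a_view, (new_key, nb_prime)
```

Listing which fields each side compares against a value it generated itself is a useful starting point for the idealisation in Task 1.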

