Explore BrainMass

authentication protocol

Suppose we are using a three-message mutual authentication protocol, and Alice initiates contact with Bob. Suppose we wish Bob to be a stateless server, and therefore it is inconvenient to require him to remember the challenge he sent to Alice. Let's modify the exchange so that Alice sends the challenge back to Bob, along with the encrypted challenge. The protocol is: (It is shown in the image attached)

Is this protocol secure? Justify your answer

© BrainMass Inc. brainmass.com July 19, 2018, 11:18 pm ad1c9bdddf


Solution Preview

In secret key protocol, it is absolutely necessary that A and B have a common session key that is not known by the intruder I. We will call the session key: Kab. Along with the session key we have variables that indicate the user that is user, they are: A and B in the protocol. Ra and Rb are so called challenges that are sent and retrieved encrypted by the session key so that when it is decrypted it can be ...

Solution Summary

This job discusses authentication protocol.