The following mutual authentication protocol has been designed to be resilient against reflection attacks. This is done by ensuring that the challenge from the initiator looks different from the challenge from the responder.
Msg1 A → B : I’m Alice,R 2
Msg2 B → A : R 1 ,{Bob,R 2 } K AB
Msg3 A → B : {Alice,R 1 } K AB
Suppose that a programmer implements the above protocol across a unix network, where principle names are eight (8) characters long and 1 triple DES-ECB is used for encryption. Outline a possible (reflection) attack on this protocol. Thanks
Aucun commentaire:
Enregistrer un commentaire