ProtocolsThe Dual Factor AuthenticationMore specifically security protocolsS - U: NU → P : N,PINP → U : {N,PIN}xU → S: {N,PIN}xIN, PINIKN?**.."specify the steps thatprincipals use to establishtrust relationships"Where• S: server• P: password generatorThe Case of the Garage• U: User• K: encryption KTrust On First Use (TOFU)EXITEXITENTRANCESecurity module that handles• Trust software machineT → G : T, {T,N}KT• Software tries to find machine IDWhere• T: token (represented by serial number)No id then ask the user (e.g. Whatsapp, SmartTV ...)G: garage• N: "unique number"The Case of the Dual FactorPay PalaeAuthenticationRemote Key ManagementS - U: NU → P : N,PINP → U : {N,PIN}KU → S: {N,PIN}KKDC (A,B)KDCN?WhereAlice KA. KDC (R1, Кв.крс (А,R1))knows R1• S: server• P: password generator• U: UserKB-KDC (A,R1)Bob knows R1• K: encryption KWhen do Protocols Fail?Alice, Bob communicate using shared session key R1Remote Key Management(cont'd)User authentication is heavily based on aprotocol that uses a Password/PINUsing protocol notationEavesdropping• People looking over your shoulder• Fake login Webpage• Devices capturing keystrokes- Man-in-the-middle attackA → S: A,BS → A : {A,B, KAB, T}KAs' {A, B, Kab, T}KpsA → B : {A,B, KAB, T}Kps+ {M}KaBThe Challenge-Response• Where T represents the timestampProtocolNeedham-Schroeder protocolE → T: N10:24Aud M- Today 10 24 AM4th St, San Francisco, CAT → E : T, {T,N}KMessage 1 A → S: A,B,NAMessage 2 S → A : {N4,B,KAB, {KAB,A}kpg }K¼sMessage 3 A — В: (КАВ-А}крswhere• E is the engine controller• Tis the transponderK is the encryption keyMessage 4 B → A : {Ng}KN random challengeMessage 5 A → B : {Ng- 1}KBIn PracticeKerberosUser is givenaccess to thesystemExitEnterJUser wants to enterthe systemUser is presentedwith a challengeUser attempts the YeschallengeDeveloped by MIT• Network authentication toolNoA → S : A,BS → A : {Ts,L, KAB, B, {Ts, L, KAB,A}Kps }KasA → B : {Ts,L, KAB, A}Kns+ {A, TA}K,aBB → A : {TA+1}K,Bsurce: https://www.geeksforgeeks.org/challenge-response-authentication-mechanism-cram/Challenge Response AuthenticationMechanism (CRAM)- Completely Automated Public Turing TestLoginExample: Microsoft ActiveDirectory- Biometric For instance, we studied how a dual-factor authentication works when a password generator is used:S → U : NU → P : N,PINP → U : {N,PIN}xU → S: {N,PIN}KCan you modify the set of rules outlined above to describe the protocol of dual-factor authentication when a mobiledevice is involved?please submit1. a high-level overview of how the protocol would work2. the description of the protocol using the formal notation

Dual-factor authentication: Two-factor authentication (2FA), at times alluded to as two-step check…

For instance, we studied how a dual-factor authentication works when a password generator is used: S - U: N U → P : N,PIN P → U : {N,PIN}x U → S: {N,PIN}x Can you modify the set of rules outlined above to describe the protocol of dual-factor authentication when a mobile device is involved? please submit 1. a high-level overview of how the protocol would work 2. the description of the protocol using the formal notation

For instance, we studied how a dual-factor authentication works when a password generator is used: S - U: N U → P : N,PIN P → U : {N,PIN}x U → S: {N,PIN}x Can you modify the set of rules outlined above to describe the protocol of dual-factor authentication when a mobile device is involved? please submit 1. a high-level overview of how the protocol would work 2. the description of the protocol using the formal notation

Computer Networking: A Top-Down Approach (7th Edition)

7th Edition

ISBN:9780133594140

Author:James Kurose, Keith Ross

Publisher:James Kurose, Keith Ross

Chapter1: Computer Networks And The Internet

Section: Chapter Questions

Problem R1RQ: What is the difference between a host and an end system? List several different types of end...

See similar textbooks

Related questions

Q: Your company is building a computer network, and you are asked to develop a scheme for dealing with…

A: Introduction: Deadlock: Deadlock is a situation where a set of processes are blocked because each…

Q: Using the corresponding decryption rules, please write out P_0, P_1, P_2, respectively.

A: Let's understand what is a block cipher. A block cipher is a method of encrypting data in blocks to…

Q: Consider a large institution that has 14369 employees. How many keys are necessary to allow any pair…

A: One kind of cryptographic key used in symmetric cryptography is a symmetric key, sometimes referred…

Q: Consider a large institution that has 9180 employees. How many keys are necessary to allow any pair…

A: The answer is given below.

Q: Your company is building a computer network, and you are asked to develop a scheme for dealing with…

Q: Can a message's authentication code alter either the Tag or the ciphertext en route? There can never…

A: Although MAC characteristics and cryptographic hash features are comparable to one another, the…

Q: Q20. Suppose that a security specialist and a remote command tear are using the RSA cryptosystem to…

Q: Is encryption of the connection and data from end to end possible? What is the advantage? Describe a…

A: Introduction of Link Encryption A message moving through a network is encrypted and decrypted at…

Q: Give an illustration of a hypothetical circumstance involving the management of user logins, for…

A: Scenario management is a very effective method for managing several futures and developing precisely…

Q: Consider the final key agreement protocol detailed in the textbook. If Alice and Bob are both…

A: if both Alice and Bob are honest and any adversaries are passive, then the components given below…

Q: Suppose Bob receives a PGP message from Alice. If Bob receives a message, how does he know it was…

A: Bob can verify the authenticity of the PGP message by checking the digital signature that is…

Q: How exactly will authentication help us do what we set out to do? In this part, we'll talk about the…

A: Authentication is the process of verifying the identity of a user or device. It plays a crucial role…

Q: Provide an example of when it might be necessary to keep a false login active. In other words, you…

A: In this question we need to provide an example where we need to keep a false login active. We also…

Q: Q1) Does this code satisfy Progress? Q2) Explain your answer in Q1. Q3) If your answer in Q1 is No,…

A: Ans1 ) No Ans 2) As while loop is with semicolon which means loop will not be executed. Ans3) Remove…

Q: For authentication based on something you are, both false negatives and false positives are…

A: False-positive or false-negative can only occur in the case of biometrics form of authentication,…

Q: Note: The notation from this problem is from Understanding Cryptography by Paar and Pelzl.…

A: According to the information given:- we have to follow the instruction in order to get the tap bits…

Q: What is avalanche effect? How do you achieve avalanche effect in modern block ciphers? Explain your

A: I have given detailed explanation related to avalanche effect below.

Q: Consider the ElGamal signature scheme. Let Bob’s private key be Kpr = (d) = (67) and the…

A: Verify that received messages is originated from bob or not. decryption is performed on the…

Q: Is encryption of the connection and data from end to end possible? What is the advantage? Describe a…

A: Please find the answer below :

Q: Can authentication help us reach our goals? We'll compare authentication types' pros and cons in…

A: Yes, authentication can help us reach our goals by providing a secure way to verify the identity of…

Q: If you were to sum up the differences between stream ciphers and block ciphers, what would you say…

A: block cipher is a type of cipher that transforms plain text by taking each block individually.

Q: Can the whole exchange (connection + data) be encrypted? For what purpose? Give an example when any…

A: Yes, The entire connection and data exchange can be encrypted. The process of encrypting plaintext…

Q: Here's how to secure your bike: Only things with a higher number may be locked again after being…

A: In the given protocol, bike locks (X-locks) are locking and unlocking according to the rules…

Q: Consider a one-way authentication technique based on asymmetric encryption: A B: IDA B-A: E(PUR₂)…

Question

Protocols
The Dual Factor Authentication
More specifically security protocols
S - U: N
U → P : N,PIN
P → U : {N,PIN}x
U → S: {N,PIN}x
IN, PINIK
N?
**..
"specify the steps that
principals use to establish
trust relationships"
Where
• S: server
• P: password generator
The Case of the Garage
• U: User
• K: encryption K
Trust On First Use (TOFU)
EXIT
EXIT
ENTRANCE
Security module that handles
• Trust software machine
T → G : T, {T,N}KT
• Software tries to find machine ID
Where
• T: token (represented by serial number)
No id then ask the user (e.g. Whatsapp, Smart
TV ...)
G: garage
• N: "unique number"
The Case of the Dual Factor
Pay Pal
a
e
Authentication
Remote Key Management
S - U: N
U → P : N,PIN
P → U : {N,PIN}K
U → S: {N,PIN}K
KDC (A,B)
KDC
N?
Where
Alice KA. KDC (R1, Кв.крс (А,R1))
knows R1
• S: server
• P: password generator
• U: User
KB-KDC (A,R1)
Bob knows R1
• K: encryption K
When do Protocols Fail?
Alice, Bob communicate using shared session key R1
Remote Key Management
(cont'd)
User authentication is heavily based on a
protocol that uses a Password/PIN
Using protocol notation
Eavesdropping
• People looking over your shoulder
• Fake login Webpage
• Devices capturing keystrokes
- Man-in-the-middle attack
A → S: A,B
S → A : {A,B, KAB, T}KAs' {A, B, Kab, T}Kps
A → B : {A,B, KAB, T}Kps+ {M}KaB
The Challenge-Response
• Where T represents the timestamp
Protocol
Needham-Schroeder protocol
E → T: N
10:24
Aud M- Today 10 24 AM
4th St, San Francisco, CA
T → E : T, {T,N}K
Message 1 A → S: A,B,NA
Message 2 S → A : {N4,B,KAB, {KAB,A}kpg }K¼s
Message 3 A — В: (КАВ-А}крs
where
• E is the engine controller
• Tis the transponder
K is the encryption key
Message 4 B → A : {Ng}K
N random challenge
Message 5 A → B : {Ng- 1}KB
In Practice
Kerberos
User is given
access to the
system
Exit
Enter
JUser wants to enter
the system
User is presented
with a challenge
User attempts the Yes
challenge
Developed by MIT
• Network authentication tool
No
A → S : A,B
S → A : {Ts,L, KAB, B, {Ts, L, KAB,A}Kps }Kas
A → B : {Ts,L, KAB, A}Kns+ {A, TA}K,aB
B → A : {TA+1}K,B
surce: https://www.geeksforgeeks.org/challenge-response-authentication-mechanism-cram/
Challenge Response Authentication
Mechanism (CRAM)
- Completely Automated Public Turing Test
Login
Example: Microsoft ActiveDirectory
- Biometric

For instance, we studied how a dual-factor authentication works when a password generator is used:
S → U : N
U → P : N,PIN
P → U : {N,PIN}x
U → S: {N,PIN}K
Can you modify the set of rules outlined above to describe the protocol of dual-factor authentication when a mobile
device is involved?
please submit
1. a high-level overview of how the protocol would work
2. the description of the protocol using the formal notation

Expert Solution

This question has been solved!

Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.

This is a popular solution!

SEE SOLUTION Check out a sample Q&A here

Step 1

Step 2

Step 3

Step 4

Step 5

Trending now

This is a popular solution!

Step by step

Solved in 5 steps

SEE SOLUTION Check out a sample Q&A here

Similar questions

Describe the steps involved in mounting a statistical attack on a monoalphabetic substitution cipher. (please do not explain it with pictures) Explain why this approach would fail on a polyalphabetic substitution cipher?
Explain this more What is the tradeoff however with each pass? Answer here: Minimum 200 words addressing tradeoffs. I’m understanding this question, in the way that if we apply ciphers multiple times using the same key then it will either completely negate encryption an even number of encryptions attempts or only apply it once for an odd number of encryption attempts. If we have a secure password, then we can focus on protocols and systems instead of passwords
Please refer to the following for the locking procedure: After an item has been unlocked, a higher-numbered item can no longer be locked. Any moment is appropriate to open locks. Only X-locks are used for this purpose. Demonstrate how the protocol does not ensure the serialisation of the data.
Choose between the Password Authentication Protocol (PAP) or the Challenge Handshake Authentication Protocol (CHAP) when setting up PPP authentication. If that's the case, then I'm safer from harm, right? Your response requires more background information. While setting up PPP authentication, you may use either PAP or CHAP. How come I feel safer then? Your response makes no sense out of context.
2. Recall the concept of Physically Unclonable Functions, which are an importantcomponent of hardware based security. Here is a simple scenario and simple protocol usingPUFs for authenticating a tag. In the protocol below, the Reader stores ALL possiblecombinations of Challenge-Response pairs for every tag it needs to authenticate. Duringauthentication, the Reader broadcasts the ID of the tag, and a greeting (Gn ). Every tag maysee this message, but only the one with the right ID will process the message. The right tagwith the ID in the message will then feed the greeting to its PUF and compute the responseSn. The response is then sent to the Reader. This should be clear from the Figure below. Forthe next round of authenticating the same Tag, the process repeats with a new Greeting(G n+1 ). Since the Reader has the responses, authentication is straightforward. Recall thatChallenges and Responses are typically 128 or 256 bit strings for RFIDs.From the protocol, and class, it should be…
Alice and Bob use the following challenge –response authentication scheme based on digital signature. To avoid chosen text attack, they decide that Alice will sign R= RA XOR RB, where RA is chosen by Alice and RB is chosen by Bob. They work out following protocol: Alice >Bob : Alice, RA Bob >Alice : RB Alice >Bob : S (KRA, {R}) KRA is the private key of Alice. Bob verifies Alice’s signature on R to authenticate Alice. An adversary wants Alice to sign on text RT chosen by him. How does he exploit the protocol for achieving this goal? please the explain the answer in short
Alert dont submit AI generated answer.
Note: The notation from this problem is from Understanding Cryptography by Paar and Pelzi. Consider the LFSR represented by the polynomial x¹ + x³ +x+1 What are the tap bits of the LFSR? Please enter your answer as unspaced binary digits (e.g. 010101 to represent p = 0, P4 = 1, P3 = 0, P2 = 1, P₁ = 0, Po = 1).
See the procedure for securing below: After unlocking, only higher-numbered items can be sealed. Anytime may be used to unlock locks. Used exclusively are X-locks. Demonstrate how the protocol cannot guarantee serializability.
2. Consider the scenario where a Bank Server receives a funds transfer request from a user, Andy, and wants to ensure the authentication and integrity of the funds transfer request. Assume that the bank has received a message (m + KA(H(m)) from Andy. What are the steps that the bank will take to check the integrity and authentication of the message m. Please draw the steps in the box below. Please use the following notation. Andy's Banking Application (m+K(H(m)) KA, KA K, KE m H(m) Bank Server Andy's Public Key, Andy's Private Key Bank Server's Public Key, Bank Server's Private Key Message with the funds transfer request Hash of a given message m Please use this space to draw the steps the bank will take to check the integrity and authentication of the message m.
As one may have anticipated, the Feistel cypher design is, in fact, a cypher. It's worth looking at current block ciphers based on the Feistel network?
Demonstrate how native authentication and authorization services are performed on the web server in response to a request from a web client for a secure server resource. Include the particulars of each step of the process. What are some of the reasons why, in your opinion, the implementation of layered protocols is such an appealing strategy? Are there any particular instances that you might use to back up the assertions you've made?