
Database System Concepts
7th Edition
ISBN: 9780078022159
Author: Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher: McGraw-Hill Education
Chapter 1: Introduction
Section: Chapter Questions
Problem 1PE
Question
For instance, we studied how a dual-factor authentication works when a password generator is used:
S → U : N
U → P : N,PIN
P → U : {N,PIN}K
U → S : {N,PIN}K
Can you modify the set of rules outlined above to describe the protocol of dual-factor authentication when a mobile device is involved?
To receive full credit, please submit
1. a high-level overview of how the protocol would work
2. the description of the protocol using the formal notation
Transcribed Image Text (lecture slides):

Protocols
• More specifically security protocols
• "specify the steps that principals use to establish trust relationships"

The Case of the Garage
T → G : T, {T,N}KT
Where
• T: token (represented by serial number)
• G: garage
• N: "unique number"

The Case of the Dual Factor Authentication
S → U : N
U → P : N,PIN
P → U : {N,PIN}K
U → S : {N,PIN}K
Where
• S: server
• P: password generator
• U: User
• K: encryption K

Trust On First Use (TOFU)
• Security module that handles
• Trust software machine
• Software tries to find machine ID
• No id then ask the user (e.g. Whatsapp, Smart TV ...)

Remote Key Management
[Diagram labels: Alice, KDC, Bob; KDC (A,B); KA-KDC(R1, KB-KDC(A,R1)); Alice knows R1; KB-KDC(A,R1); Bob knows R1]
Alice, Bob communicate using shared session key R1

Remote Key Management (cont'd)
Using protocol notation
A → S : A,B
S → A : {A,B,KAB,T}KAS, {A,B,KAB,T}KBS
A → B : {A,B,KAB,T}KBS, {M}KAB
• Where T represents the timestamp

When do Protocols Fail?
• User authentication is heavily based on a protocol that uses a Password/PIN
• Eavesdropping
• People looking over your shoulder
• Fake login Webpage
• Devices capturing keystrokes
• Man-in-the-middle attack

The Challenge-Response Protocol
E → T : N
T → E : T, {T,N}K
where
• E is the engine controller
• T is the transponder
• K is the encryption key
• N random challenge

Needham-Schroeder protocol
Message 1 A → S : A,B,NA
Message 2 S → A : {NA,B,KAB,{KAB,A}KBS}KAS
Message 3 A → B : {KAB,A}KBS
Message 4 B → A : {NB}KAB
Message 5 A → B : {NB − 1}KAB

In Practice
• Challenge Response Authentication Mechanism (CRAM)
[Flowchart labels: User wants to enter the system; User is presented with a challenge; User attempts the challenge; Yes; No; User is given access to the system]
Source: https://www.geeksforgeeks.org/challenge-response-authentication-mechanism-cram/
• Completely Automated Public Turing Test
• Login
• Biometric

Kerberos
• Developed by MIT
• Network authentication tool
• Example: Microsoft ActiveDirectory
A → S : A,B
S → A : {TS,L,KAB,B,{TS,L,KAB,A}KBS}KAS
A → B : {TS,L,KAB,A}KBS, {A,TA}KAB
B → A : {TA+1}KAB
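The password-generator exchange from the question (S → U : N through U → S : {N,PIN}K), as an added example that is not part of the original page or its slides. It assumes HMAC-SHA256 stands in for {N,PIN}K and that the server stores the user's PIN; the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def seal(key: bytes, nonce: bytes, pin: str) -> bytes:
    """Stand-in for {N, PIN}K: HMAC-SHA256 over N and PIN (assumption)."""
    msg = len(nonce).to_bytes(2, "big") + nonce + pin.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class PasswordGenerator:
    """P: the device holding K. The user types N and the PIN into it."""
    def __init__(self, key: bytes):
        self._key = key

    def respond(self, nonce: bytes, pin: str) -> bytes:
        return seal(self._key, nonce, pin)        # P -> U : {N, PIN}K


class Server:
    """S: shares K with P and, in this sketch, stores the user's PIN."""
    def __init__(self, key: bytes, pin: str):
        self._key, self._pin = key, pin
        self._outstanding = None                  # the one N awaiting an answer

    def challenge(self) -> bytes:
        self._outstanding = secrets.token_bytes(16)
        return self._outstanding                  # S -> U : N

    def verify(self, response: bytes) -> bool:    # U -> S : {N, PIN}K
        # Each N is consumed on first use, whether the check passes or fails.
        nonce, self._outstanding = self._outstanding, None
        if nonce is None:
            return False
        expected = seal(self._key, nonce, self._pin)
        return hmac.compare_digest(expected, response)


def run_exchange() -> dict:
    key = secrets.token_bytes(32)                 # constructed sample key
    server, device = Server(key, "4921"), PasswordGenerator(key)
    first = device.respond(server.challenge(), "4921")
    results = {"fresh": server.verify(first)}
    results["replay_same_n"] = server.verify(first)   # N already consumed
    server.challenge()                                # a new N is now outstanding
    results["replay_new_n"] = server.verify(first)    # old response, new N
    bad = device.respond(server.challenge(), "0000")
    results["wrong_pin"] = server.verify(bad)
    return results
```

A captured response is useless to an eavesdropper because it is bound to one N, which the server accepts only once.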
Expert Solution
Step 1

In Wi-Fi Direct, groups are created as one of the following types:

Persistent, in which automatic reconnection can occur by using stored key material.
Temporary, in which devices can't re-authenticate without user action.
