COMP3334 Computer Systems Security 2021/22 Semester 2
Tutorial4Solutions Diffie-HellmanKeyExchange Question 1 Diffie- Exchange
Let p = 23, g = 10. Suppose Alice chooses a = 3. Bob chooses b = 5. Can you show the steps of the key establishment? What is the final key agreed by Alice and Bob?
Alice calculates ga mod p = 103 mod 23 = 11 and sends it to Bob. Bob calculates gb mod p = 105 mod 23 = 19 and sends it to Alice. Alice calculates 193 mod 23 = 5.
Copyright By PowCoder代写 加微信 powcoder
Bob calculates 115 mod 23 = 5.
The final key agreed by Alice and Bob is 5.
Question 2 Diffie- Exchange Revisited
Let p = 23, g = 10. Assume you are an attacker. You observed that the value sent from Alice to Bob is 15. The value sent from Bob to Alice is 18. What is the key used by Alice and Bob? If you have the ability to intercept and modify the message flow, how would you attack the protocol?
Using brute force attack:
101 mod 23 = 10
102 mod 23 = 8
103 mod 23 = 11
104 mod 23 = 18 (= yB)
The key used by Alice and Bob is therefore yA4 = 154 mod 23 = 2.
COMP3334 Computer Systems Security 2021/22 Semester 2
Question 3 Key Management
If symmetric key management is used, how many distinct keys are needed in the system if there are n parties in the system? And how many distinct keys does each party have to keep? What if centralized key management is used?
Exactly n(n-1)/2 distinct keys are needed in the symmetric key management.
Each party has to keep n-1 distinct keys.
If centralized key management is used, only n distinct keys have to be kept in the whole system. Each party has to keep her own key.
Question 4 Perfect Forward Secrecy
In key exchange protocols, Perfect Forward Secrecy (PFS) is a security property that protects past sessions against future compromise of the private key(s).
Explain why the Diffie- Exchange protocol satisfies PFS. State the assumption(s).
In DH Key exchange, Alice and Bob generate their private keys, a and b, randomly to calculate ga mod p and gb mod p respectively for each session. If a and b of one session are comprised, the attacker can only decrypt the messages of that session, but not those in the past, when another sets of a and b are used.
Assumption: Alice and Bob must use a new a and b as their private keys respectively for each session. (It is ok to have new private keys generated because they are not used to encrypt/decrypt of the messages directly, but the generation of the session keys)
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com