Challenge - Response Protocol

Assume nodes A and B have a shared key KAB  which was somehow pre-decided among them. Can we have a secure communication among A and B ? We should have some kind of a 3 way handshake to avoid replay attack Therefore, we need to have some interaction before we start sending the data. A challenges B by sending it a arbitrary number RA and expects an encrypted reply using the pre-decided key KAB. B then  challenges A by sending it a arbitrary number RB and expects an encrypted reply using the pre-decided key KAB.

A                                                            B

1. A, R_A------------->

2.                                 <--------K_AB(R_A), R_B

3. K_AB(R_B)---------->

Unluckily this scheme is so simple that this will not work.  This protocol works on the supposition that there is a unique connection among A and B. If multiple connections are possible, then this protocol fails. In the case of replay attack, we can repeat the message KAB(M) if we could somehow convince B that I am A. At this time, a node C need not know the shared key to converse with B. To identify itself as A, C just wants to send KAB(RB1) as the response to the challenge-value RB1  given by B in the 1st connection. C can remarkably get this value through the 2nd connection by asking B itself to provide the response to its own challenge. Therefore, C can verify itself and start communicating freely with B.

Therefore, replay of messages becomes possible using the 2nd connection. Any encryption desired,  could  be  obtained  by  sending  the  value  as  RB2   in  the  2nd connection, and obtaining its encrypted value from B itself.

A                           B

1st Connection:    A, R_A------------->

2nd Connection:   A, R_B1------------>

1st Connection:    K_AB(R_B1)--------->

<----------KAB(RA), RB1

<--------- K_AB(R_B1), R_B2

could we have a simple solution apart from time-stamp ? We can send KAB(RA,RB) in the 2nd message instead of KAB(RA) and RA. It may help if we keep two dissimilar keys for dissimilar directions. So we share 2 keys one from A to B and the other from B to A. If we use only 1 key, then we could use dissimilar number spaces ( like even and odd) for the 2 directions. Then A would not be able to send RB. So fundamentally we are trying to look at the traffic in 2 directions as two different traffics. This particular kind of attack is called reflection attack.

Email based Computer Science assignment help - homework help at Expertsmind

Are you searching Computer Science expert for help with Challenge-Response Protocol questions?  Challenge-Response Protocol topic is not easier to learn without external help?  We at www.expertsmind.com offer finest service of Computer Science assignment help and computer science homework help. Live tutors are available for 24x7 hours helping students in their Challenge-Response Protocol related problems. We provide step by step Challenge-Response Protocol question's answers with 100% plagiarism free content. We prepare quality content and notes for Challenge-Response Protocol topic under computer science theory and study material. These are avail for subscribed users and they can get advantages anytime.

Why Expertsmind for assignment help

1. Higher degree holder and experienced experts network
2. Punctuality and responsibility of work
3. Quality solution with 100% plagiarism free answers
4. Time on Delivery
5. Privacy of information and details
6. Excellence in solving computer science questions in excels and word format.
7. Best tutoring assistance 24x7 hours