Q. Consider the following method that establishes a secret session key k for use by Alice and Bob. Alice and Bob already share a secret key Kab for encryption.;i) Alice sends a random value NA to Bob along with her id, A.;ii) Bob sends encrypted message EKab(NA), NB to Alice, where NB is a random value;chosen by Bob.;iii) Alice sends back EKab(NB).;iv) Bob generates session key k and sends EKab(k) to Alice.;v) Now Alice and Bob exchange messages encrypted with the new session key;k.;Suppose that the random values and the keys have the same number of bits.;Describe a possible attack for this authentication method. Can we make the;method more secure by lifting the assumption that the random values and the;keys have the same number of bits? Explain.
Paper#71733 | Written in 18-Jul-2015Price : $22