
Section (6) : Timestamp Message Freshness

The document discusses Denning's protocol and the importance of timestamps for ensuring message freshness, highlighting the vulnerabilities of using nonces instead. It outlines three usages of nonces for authentication between two parties, A and B, and describes a protocol for one-way authentication of A to B using digital signatures. The document also identifies potential vulnerabilities, including replay attacks and the lack of mutual authentication, which could allow an attacker to impersonate B.

Uploaded by omarsalah4055

‫عمر صالح الدين عطيه محمد‬

Section (6)

In Denning’s protocol (Section 16.2), a timestamp is used to ensure message freshness, meaning
the message is recent and hasn’t been reused from a previous session. If you replace the
timestamp with a nonce, the protocol may no longer guarantee freshness unless extra steps are
taken. Here’s why:

✓ Nonces aren’t time-dependent, unlike timestamps.

✓ If an attacker captures a message with a nonce and resends it later, the receiver cannot
easily tell if the nonce is new or reused—unless they keep a list of all used nonces, which
is not practical for large systems.

✓ Timestamps implicitly expire, reducing the chance of reuse. Nonces, by contrast,
don’t expire on their own, so messages using them are more vulnerable to replay
attacks.
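
The trade-off in the list above, as an added example (not part of the original document): a receiver that checks freshness with a timestamp window, beside one that checks a nonce with and without a replay cache. The HMAC tag standing in for the protocol's encryption, the 30-second window, and all names and values are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import os

KEY = os.urandom(32)   # constructed shared key K (demo only)
WINDOW = 30            # assumed acceptance window, in seconds

def tag(fresh: bytes, body: bytes) -> bytes:
    # HMAC stands in for the protocol's E(K, ...): it binds the freshness value to the body.
    return hmac.new(KEY, fresh + b"|" + body, hashlib.sha256).digest()

def seal(fresh: bytes, body: bytes):
    return fresh, body, tag(fresh, body)

def accept_timestamp(msg, now: int) -> bool:
    ts, body, mac = msg
    if not hmac.compare_digest(mac, tag(ts, body)):
        return False
    return abs(now - int(ts)) <= WINDOW   # stateless: old messages expire by themselves

class NonceReceiver:
    def __init__(self, remember: bool):
        self.remember, self.seen = remember, set()
    def accept(self, msg) -> bool:
        nonce, body, mac = msg
        if not hmac.compare_digest(mac, tag(nonce, body)) or nonce in self.seen:
            return False
        if self.remember:
            self.seen.add(nonce)          # state grows with every accepted message
        return True

def demo() -> dict:
    t0 = 1_700_000_000                    # constructed clock value
    ts_msg = seal(str(t0).encode(), b"session key for B")
    n_msg = seal(os.urandom(16), b"session key for B")
    stateless, stateful = NonceReceiver(False), NonceReceiver(True)
    return {
        "ts_fresh": accept_timestamp(ts_msg, t0 + 5),
        "ts_replay_after_window": accept_timestamp(ts_msg, t0 + 3600),
        "ts_replay_inside_window": accept_timestamp(ts_msg, t0 + 10),
        "nonce_first": stateless.accept(n_msg),
        "nonce_replay_no_cache": stateless.accept(n_msg),
        "nonce_cached_first": stateful.accept(n_msg),
        "nonce_replay_with_cache": stateful.accept(n_msg),
        "cache_size": len(stateful.seen),
    }

if __name__ == "__main__":
    print(demo())
```

The timestamp check needs no stored state, but a replay that arrives inside the window is still accepted.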

We are given three usages involving a nonce Na and symmetric key K:

Usage 1 :-

• Used when A wants to authenticate B.

• A sends a challenge (nonce), and B proves identity by encrypting it using shared key K.

• If A can decrypt and retrieve Na, it trusts that B holds the key.

Usage 2 :-

• Used when B wants to authenticate A.

• A encrypts a nonce using shared key K, and B decrypts it.

• B sends back the original nonce, proving that it could decrypt the message from A.

Usage 3 :-

• Mutual authentication or challenge-response with added freshness.

• A sends an encrypted nonce, B decrypts and applies a function f() (such as an
increment), re-encrypts and sends it back.

• This adds complexity and ensures that the response is fresh and not replayed.

a. Explain the protocol:

1. A → B: IDₐ → A initiates communication and sends its identity to B.

2. B → A: R₁ → B generates a random challenge nonce R₁ and sends it to A.

3. A → B: E(PRₐ, R₁) → A encrypts the challenge using its private key PRₐ, and sends
it back.

4. B verifies by decrypting E(PRₐ, R₁) using A’s public key PUₐ.

→ If the decrypted value matches R₁, then B is convinced that A is indeed A.

Goal: One-way authentication of A to B using digital signatures.

b. What type of attack is this protocol susceptible to?

Vulnerability: Replay Attack

• If an attacker captures the third message (A → B: E(PRₐ, R₁)), they can’t reuse it directly
unless the challenge R₁ is reused.

• However, if R₁ is not fresh or gets reused, the attacker could trick B into accepting an old
authentication as valid.

Another Issue: Lack of Mutual Authentication

• B is not authenticated to A.

• This allows an attacker to pretend to be B and receive A’s signed response, which could
later be abused.
