andr3/ComputerSecurity
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Typed initial answer to 1.3

Browse Source
This commit is contained in:
Andre Henriques 2023-12-11 21:13:32 +00:00
parent c3149da051
commit 5597311f67
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
secondcw/ag01598_6644818_1_3.spdl
View File

@ -23,8 +23,6 @@ protocol protocolPI(Network, Application, Phone) {
var mApp: String;
var temp: Ticket;
recv_1(Application,Phone, {mApp, Application, Phone }SesK);
fresh mPhone: String;

7
secondcw/cw/cw.tex
View File

@ -81,6 +81,13 @@
The protocol as it stands does not guarantee secrecy and agreement.
\subsection*{1.3}
The file ag01598\_6644818\_1\_3.spdl contains the fixed version of $\text{protocol}\Pi$
The first change was to require the refresh keys request was to require the application to send a nounce, this nonce is then sent back to application to verify that the key was generated, was requested to the application and not by the attacker.
The second change was to make the network send the identity of the other party to party that is reciving the message. i.e. Sending the identity of the Phone to the Application encrypted with the key Network,Application. This is done to guarantee that the Party reciving the communication is using a key that was intended for this communication.
\end{document}