Homework Help is Here – Start Your Trial Now!
Engineering
Computer Engineering
The S/MIME for email specification allows for encryption before signing or signing and encrypting. Each has different security properties. PGP specifies that one should sign and then encrypt. Use the Cryptographic protocol shape analyzer(CPSA) tool to determine what attacks are possible against each approach or if either are secure. Is PGP correct to specify only one way to perform authentication and confidentiality? Model the protocols, specified below for your convenience, and identify any attacks against the protocols or if the messages are securely received (authenticated and confidential). Determine if you receive an authentic message, was it intended for you or someone else or if when you receive the message, is it authentic. (For extra credit: If you identify any attacks, can you change the protocol to prevent the attacks?)   For the following descriptions, M is the message, K is a freshly chosen symmetric key, PubK(N) is the public key of N, and PrivK(N) is the private key of N. {}K stands for encryption with key K. Hash(X) is hashing of message X.   Sign then encrypt:   A -> B: {M, A, {Hash(M)}PrivK(A)}K, {K}PubK(B)   Encrypt then sign:   A -> B: {M}K, A, {Hash({M}K)}Privk(A), {K}PubK(B)

The S/MIME for email specification allows for encryption before signing or signing and encrypting. Each has different security properties. PGP specifies that one should sign and then encrypt. Use the Cryptographic protocol shape analyzer(CPSA) tool to determine what attacks are possible against each approach or if either are secure. Is PGP correct to specify only one way to perform authentication and confidentiality? Model the protocols, specified below for your convenience, and identify any attacks against the protocols or if the messages are securely received (authenticated and confidential). Determine if you receive an authentic message, was it intended for you or someone else or if when you receive the message, is it authentic. (For extra credit: If you identify any attacks, can you change the protocol to prevent the attacks?)   For the following descriptions, M is the message, K is a freshly chosen symmetric key, PubK(N) is the public key of N, and PrivK(N) is the private key of N. {}K stands for encryption with key K. Hash(X) is hashing of message X.   Sign then encrypt:   A -> B: {M, A, {Hash(M)}PrivK(A)}K, {K}PubK(B)   Encrypt then sign:   A -> B: {M}K, A, {Hash({M}K)}Privk(A), {K}PubK(B)

Computer Networking: A Top-Down Approach (7th Edition)
Computer Networking: A Top-Down Approach (7th Edition)
7th Edition
ISBN:9780133594140
Author:James Kurose, Keith Ross
Publisher:James Kurose, Keith Ross
Chapter1: Computer Networks And The Internet
Section: Chapter Questions
Problem R1RQ: What is the difference between a host and an end system? List several different types of end...
See similar textbooks
icon
Related questions
Question

The S/MIME for email specification allows for encryption before signing or signing and encrypting. Each has different security properties. PGP specifies that one should sign and then encrypt. Use the Cryptographic protocol shape analyzer(CPSA) tool to determine what attacks are possible against each approach or if either are secure. Is PGP correct to specify only one way to perform authentication and confidentiality? Model the protocols, specified below for your convenience, and identify any attacks against the protocols or if the messages are securely received (authenticated and confidential). Determine if you receive an authentic message, was it intended for you or someone else or if when you receive the message, is it authentic. (For extra credit: If you identify any attacks, can you change the protocol to prevent the attacks?)

 

For the following descriptions, M is the message, K is a freshly chosen symmetric key, PubK(N) is the public key of N, and PrivK(N) is the private key of N. {}K stands for encryption with key K. Hash(X) is hashing of message X.

 

Sign then encrypt:

 

A -> B: {M, A, {Hash(M)}PrivK(A)}K, {K}PubK(B)

 

Encrypt then sign:

 

A -> B: {M}K, A, {Hash({M}K)}Privk(A), {K}PubK(B)

Expert Solution
trending now

Trending now

This is a popular solution!

steps

Step by step

Solved in 2 steps

SEE SOLUTIONCheck out a sample Q&A here
Blurred answer
Knowledge Booster
Encryption and decryption
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-engineering and related others by exploring similar questions and additional content below.
Recommended textbooks for you
Computer Networking: A Top-Down Approach (7th Edi…
Computer Networking: A Top-Down Approach (7th Edi…
Computer Engineering
ISBN:
9780133594140
Author:
James Kurose, Keith Ross
Publisher:
PEARSON
Computer Organization and Design MIPS Edition, Fi…
Computer Organization and Design MIPS Edition, Fi…
Computer Engineering
ISBN:
9780124077263
Author:
David A. Patterson, John L. Hennessy
Publisher:
Elsevier Science
Network+ Guide to Networks (MindTap Course List)
Network+ Guide to Networks (MindTap Course List)
Computer Engineering
ISBN:
9781337569330
Author:
Jill West, Tamara Dean, Jean Andrews
Publisher:
Cengage Learning
Concepts of Database Management
Concepts of Database Management
Computer Engineering
ISBN:
9781337093422
Author:
Joy L. Starks, Philip J. Pratt, Mary Z. Last
Publisher:
Cengage Learning
Prelude to Programming
Prelude to Programming
Computer Engineering
ISBN:
9780133750423
Author:
VENIT, Stewart
Publisher:
Pearson Education
Sc Business Data Communications and Networking, T…
Sc Business Data Communications and Networking, T…
Computer Engineering
ISBN:
9781119368830
Author:
FITZGERALD
Publisher:
WILEY
SEE MORE TEXTBOOKS