Exercise 1. Find a new product or system that uses (or should use) a clock. This might be the same product or system you analyzed for Exercise 1.8. Conduct a security review of that product or system as described in Section 1.12,...




Document Preview:

CHAPTER 16 The Clock

Before we begin the detailed discussion of key management in the next chapter, we need to discuss one more primitive function: the clock. At first glance, this is a decidedly un-cryptographic primitive, but because the current time is often used in cryptographic systems, we need a reliable clock.

16.1 Uses for a Clock

There are several cryptographic uses for a clock. Key management functions are often linked to deadlines. The current time can provide both a unique value and a complete ordering of events. We will discuss each of these uses in more detail.

16.1.1 Expiration

In many situations, we want to limit the validity period of a document. In the real world, we often see limited validity periods too. Checks, open airline tickets, vouchers, coupons, and even copyrights all have limited validity periods. The standard way to limit the validity period of a digital document is to include the expiration time in the document itself. But to check whether a document has expired, we need to know the current time. Hence, the need for a clock.

16.1.2 Unique Value

Another useful function of a clock - if its resolution is high enough - is to provide a unique value for a single machine. We've been using nonces in several places. The important property of a nonce is that any single value is never used twice, at least within some defined scope. Sometimes the scope is limited, such as the nonce we use in the secure channel, and the nonce can be generated using a counter. In other situations, the nonce has to be unique across reboots of the computer. There are two generic ways of generating nonce values. The first is to use the current time of the clock with some mechanism to ensure you never use the same time code twice. The second is to use a PRNG, which we discussed in some detail in Chapter 9. The disadvantage of using a random nonce is that it needs to be rather large. To achieve a...




David answered on Dec 25 2021
126 Votes
ANSWERS
Chapter – 16
Find a new product or system that uses (or should use) a clock. This might be the same
product or system you analyzed for Exercise 1.8. Conduct a security review of that product
or system as described in Section 1.12, this time focusing on the security and privacy issues
surrounding the clock.
In order to support ongoing payments, the bank needs to run a continuous financial transaction
framework. For performing auditing, there ought to be a reasonable sequence of the transactions.
Let there be two transactions, A and B, which need to be performed. It is important which
of the two transactions is performed first, on the grounds that the aftereffect of one of them could rely
on whether the other one has been performed yet or not. The easy approach to record this
succession is to give a time stamp to every transaction. This is only possible if we have
some reliable clock. An unreliable clock may give the wrong time. There is some risk if the
clock incidentally goes in reverse: it can be easy to check that the current time is more
noteworthy than the time stamp of the last transaction that was performed. We are unable to
perform any new transaction with a time stamp before 2020, in light of the fact that it would
irritate the order of the transactions, which is controlled by time stamp.
Chapter – 17
Exercise 17.4 For the protocol in Section 17.3, consider an attacker who intercepts all
communications. Can the attacker retroactively read data between Alice and Bob if KA
and KB are both later exposed?
No, the attacker cannot read data between Alice and Bob. Alice requests that the key server set
up a key amongst her and Bob. The key server reacts by sending another key KAB to both Alice
as well as Bob. The key server can even send the message to Bob through Alice, with the goal
that it doesn't have to communicate with Bob specifically. When this happens, Alice just turns
like a network router that transits a safe channel between the key server as well as Bob. This
mainly poses one confinement on the framework: Bob must run the key negotiation protocol
with the key server before Alice requests that the key server set up an imparted key to Bob.
Exercise 17.5 For the protocol in Section 17.3, could an attacker gain any advantage in
breaking the protocol by forcibly rebooting the key server?
The safe channel protects the message from all different types of control. When an attacker gains
the advantage in breaking the protocol by forcibly rebooting the key server, all we need to do to
recover is run the key negotiation...
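
The ordering check in the Chapter 16 answer above, and the excerpt's remark about never using the same time code twice, can be shown together in one added example (not part of the answer or of the book). `TransactionStamper`, `ClockRollback` and the state file name are hypothetical names chosen here, and the clock readings are constructed.

```python
import json, os, tempfile, time

class ClockRollback(Exception):
    """The clock reads earlier than a reading we already acted on."""

class TransactionStamper:
    """Issues strictly increasing nanosecond stamps that survive restarts."""
    def __init__(self, state_path, clock=time.time_ns):
        self.state_path = state_path
        self.clock = clock  # injectable so a misbehaving clock can be simulated
        try:
            with open(state_path) as f:
                self.state = json.load(f)
        except FileNotFoundError:
            self.state = {"clock": 0, "stamp": 0}  # first run: nothing issued yet

    def _persist(self, state):
        # Write a temp file, fsync, then rename: a crash cannot leave partial state.
        tmp = self.state_path + ".tmp"
        with open(tmp, "w") as f:
            json.dump(state, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, self.state_path)

    def stamp(self):
        now = self.clock()
        if now < self.state["clock"]:
            raise ClockRollback(f"clock={now}, last reading={self.state['clock']}")
        # Several requests can share one clock tick; bump so every stamp is unique.
        new = {"clock": now, "stamp": max(now, self.state["stamp"] + 1)}
        self._persist(new)  # record before use, so a restart never reissues a stamp
        self.state = new
        return new["stamp"]

def demo():
    readings = iter([1000, 1000, 1000, 1005, 900])  # constructed: 3 same ticks, step, rollback
    path = os.path.join(tempfile.mkdtemp(), "last_stamp.json")
    stamper = TransactionStamper(path, clock=lambda: next(readings))
    issued = [stamper.stamp() for _ in range(4)]
    rejected = False
    try:
        stamper.stamp()
    except ClockRollback:
        rejected = True
    restarted = TransactionStamper(path, clock=lambda: 1005)  # simulated reboot
    return issued, rejected, restarted.stamp()

if __name__ == "__main__":
    print(demo())
```

The last clock reading and the last issued stamp are tracked separately, so repeated requests within one tick are not mistaken for a rollback.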