Forward Secrecy ProtocolsConsider the following 4-message protocol:1. A → S: (B, {(A, K1)}KpbS)2. S → B: A3. B → S: (A, {(B, K2)}KpbS)4. S → A: (B, {K2}K1)Assume three runs of the above protocol, that we call P1, P2 and P3. If after completion of run P3, K1 is compromised, i.e. it is leaked to some external intruder, how would this impact the forward secrecy property of K2 for all the three runs of the protocol P1, P2 and P3? Choose the right answer:
a) Compromising K1 in P3 compromises every other key in all of the three runs of the protocolb) The secrecy of P3.K2 is not compromised, and therefore P2.K2 and P1.K2 would remain secretc) Compromising K1 in P3 compromises P3.K2, and therefore, every other previous version of K1 and K2 are also compromisedd) The secrecy of P3.K2 is compromised, but P2.K2 and P1.K2 would remain secret since K1 is refreshed after each run, therefore P3.K1 is different from P2.K1 and is different from P1.K1e) Even though K1 is compromised in P3, K2 is not compromised in any of the three runsExplain your answer below
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here