Random J. Protocol-Designer has been told to design a scheme to prevent messages from being modified by an intruder. Random J. decides to append to each message a hash of that message. Why does this not solve the problem? What does solve the problem?
Hint: We know of a protocol that uses this technique in an attempt to gain security.
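The first problem can be tried out directly. The following is an added example, not part of the original problem set: it assumes SHA-256 as the appended hash and HMAC-SHA-256 as one keyed alternative, and every function name, the key and the messages are constructed for illustration.

```python
import hashlib
import hmac

DIGEST_LEN = 32  # SHA-256 and HMAC-SHA-256 both produce 32 bytes


def tag_with_hash(message: bytes) -> bytes:
    """Random J.'s scheme: the message followed by its unkeyed hash."""
    return message + hashlib.sha256(message).digest()


def verify_hash(packet: bytes) -> bool:
    message, digest = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def tag_with_mac(key: bytes, message: bytes) -> bytes:
    """Keyed alternative: only holders of `key` can compute the tag."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, packet: bytes) -> bool:
    message, tag = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def corrupt(packet: bytes) -> bytes:
    """Accidental damage: one bit of the message flips, trailer untouched."""
    return bytes([packet[0] ^ 0x01]) + packet[1:]


def rewrite_in_transit(new_message: bytes) -> bytes:
    """Deliberate change by someone with no key: replace the message and
    recompute the hash, which needs nothing but the public algorithm."""
    return new_message + hashlib.sha256(new_message).digest()


def demo() -> dict:
    key = b"constructed-demo-key"      # constructed sample key
    original = b"transfer 10 to Bob"   # constructed sample message
    altered = b"transfer 9999 to Bob"  # constructed altered message
    return {
        "hash_accepts_original": verify_hash(tag_with_hash(original)),
        "hash_accepts_corrupted": verify_hash(corrupt(tag_with_hash(original))),
        "hash_accepts_rewritten": verify_hash(rewrite_in_transit(altered)),
        "mac_accepts_original": verify_mac(key, tag_with_mac(key, original)),
        "mac_accepts_rewritten": verify_mac(key, rewrite_in_transit(altered)),
    }
```

The unkeyed hash catches the accidental bit flip but accepts the rewritten message, while the keyed check rejects it because the tag cannot be recomputed without the key.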
Suppose Alice, Bob, and Carol want to use secret key technology to authenticate each other. If they all used the same secret key, K, then Bob could impersonate Carol to Alice (actually any of the three could impersonate the other to the third). Suppose instead that each had their own secret key; so Alice uses KA, Bob uses KB, and Carol uses KC. This means that each one, to prove his or her identity, responds to a challenge with a function of his or her secret key. Is this more secure than having them all use the same secret key?
Hint: What does Alice need to know in order to verify Carol’s answer to Alice’s challenge?
Assume a cryptographic algorithm in which the performance for the good guys (the ones that know the key) grows linearly with the length of the key and for which the only way to break it is a brute-force attack of trying all possible keys. Then, suppose the performance for the good guys is adequate (e.g., it can encrypt and decrypt as fast as the bits can be transmitted over the wire) at a certain key size. Finally, suppose advances in computer technology make computers twice as fast. Given that both parties, the good guys and the bad guys, get faster computers, does this advancement in computer speeds work to the advantage of the good guys? The bad guys? Or does it not make any difference?
What to Submit