Week 5

Question 1

What is a Nonce (short for: number used once)?

Answer 1

A fresh secret only known to the person generating it

Question 2

What is a Protocol?

Answer 2

A protocol consists of a set of rules (conventions) that determine the exchange of messages between two or more principals

So basically, a distributed algorithm with emphasis on communication

Question 3

What is a Security Protocol?

Answer 3

Uses cryptographic mechanisms to achieve security objectives, eg. entity or message authentication, key establishment, integrity, timeliness, fair exchange, non-repudiation

Question 4

What is the definition of a Perfect Cryptography Assumption?

Answer 4

Encrypted messages may only be read by the legitimate recipients who have the keys required to decrypt them

Question 5

Look up how Needham Shroeder with Conventional Keys (NSCK) (part of lecture i had no clue on what he was on about)

Question 6

What is the Person-in-the-middle attack?

Answer 6

A <—> i <—> B

agent i poses as person A to person B and person B to person A to get sensitive info

Question 7

What is the Replay attack?

Answer 7

Attacker resuses parts of previous messages

Question 8

What is the Masquerading attack?

Answer 8

Pretend to be another principal

Question 9

What is the Reflection attack?

Answer 9

Send transmitted information back to originator

Question 10

What is the Oracle attack?

Answer 10

Take advantage of normal protocol responses as encryption and decryption “services”

Question 11

What is the Binding attack?

Answer 11

Using messages in a different context/ for a differenet purpose than originally intended

Question 12

What is the Type Flaw attack?

Answer 12

Substitute a different type of message field