Crypto U8 (part 2), Freshness

freshness mechanism
1. techniques used to provide assurance that a message is new
  1. i.e. a message is not a replay of an old message
2. not assurance of "aliveness" of sender because message could be delayed
3 kinds
1. sequence number
  1. sender looks up a sequence number (counter) from a database & sends with message
    1. receiver looks up sequence number in DB and compares with sent sequence number
  2. challenges
    1. sender and receiver must have databases
    2. DBs must be synchronized
    3. communication delays matter only if messages get mixed up
    4. need a way to ensure integrity of sequence #
      1. often a MAC is used to ensure that the sequence # has not been altered
2. clock based
  1. message sent with a time stamp
    1. receiver checks to see if time is within "window of acceptability"
  2. challenges
    1. sender and receiver must have clocks
    2. clocks must be synchronized
      1. problem with "clock drift"
      2. need clock resync method
    3. not useful for scenarios with big communication delays
    4. needs a way to ensure the integrity of timestamp
      1. often a MAC is used to ensure the timestamp has not been altered
3. nonce based
  1. nonce = "number used only once"
    1. sender creates nonce and sends to receiver with message
      1. receiver sends response along with originally sent nonce
    2. challenges
      1. freshness requires 2 communication passes
      2. does not required synchronization of clocks or DBs
      3. sender must have access to a random number generator
      4. does not provide message authentication
      5. attacker may have guessed the nonce (unlikely)

Next up

Crypto U8 (part 2), Freshness

Description

Resource summary

Similar

	Created by jjanesko almost 11 years ago