Uploaded by epic smurf

A2

Q1. Key Management
i)
ii)
The protocol provides perfect secrecy because, at the start of each session, a new unused
random number is chosen by Alice.
The protocol provides implicit key authentication, as Bob can be sure of Alice’s identity
but not the other way around. This is because only Alice picks a random number.
Q2. Hash Chain
i)
ii)
The protocol is resistant to replay attacks, as the session index would
invalidate the hash after it had been used. However, if the attacker blocked the
information from reaching the server, then the information could be replayed and
accepted.
The protocol is forward secure, assuming that it is computationally infeasible to
reverse the hash function. This is because the hash is “re-hashed” for the next session,
so to find a previous hash you would need to reverse it.
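The two claims above can be checked on a small model. This is an added example, not part of the original answer or of the assignment's protocol. It assumes a shared seed, a chain value k_i that is replaced by SHA-256(k_i) after every session, and a session token HMAC(k_i, i); the names `Party`, `make_token`, `verify` and `demo` are hypothetical.

```python
import hashlib
import hmac


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def tag(key: bytes, index: int) -> bytes:
    # Authenticator for session `index` under chain value `key` (assumed construction).
    return hmac.new(key, str(index).encode(), hashlib.sha256).digest()


class Party:
    """Holds only the current chain value k_i and the session index i."""

    def __init__(self, seed: bytes):
        self.key, self.index = H(seed), 0

    def _advance(self):
        # "Re-hash" for the next session; the old value is overwritten.
        self.key, self.index = H(self.key), self.index + 1

    def make_token(self):
        """Client side: authenticate session i, then move on to k_{i+1}."""
        msg = (self.index, tag(self.key, self.index))
        self._advance()
        return msg

    def verify(self, msg) -> bool:
        """Server side: accept only the expected index, then advance."""
        index, received = msg
        if index != self.index:
            return False  # stale (already used) or future index
        if not hmac.compare_digest(received, tag(self.key, index)):
            return False
        self._advance()
        return True


def demo():
    seed = b"constructed shared seed"        # constructed sample value
    client, server = Party(seed), Party(seed)
    delivered = client.make_token()          # session 0 reaches the server
    first = server.verify(delivered)         # accepted
    replayed = server.verify(delivered)      # rejected: index 0 is consumed
    blocked = client.make_token()            # session 1 captured, never delivered
    late = server.verify(blocked)            # accepted: server still expects index 1
    # Forward security: the server now holds k_2 only; k_0 and k_1 are gone
    # and recovering them would mean inverting SHA-256.
    old_key_present = server.key in (H(seed), H(H(seed)))
    return first, replayed, late, old_key_present


if __name__ == "__main__":
    print(demo())
```

The third result is the caveat from the answer: a token the server never saw is still valid when it finally arrives, so the index alone does not stop a delayed delivery.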
Q3. Two-Factor Authentication Protocol Analysis
i)
ii)
Assuming that the card is the information compromised, and that physical methods of data
retrieval are not possible, the authentication cannot be brute-forced, as the method only
allows 3 attempts before locking the account. The protocol does achieve two-factor
authentication.
Assuming that the card is the information compromised, that physical methods of data
retrieval are not possible, and that the communication between the server and client is not
secure, not enough information can be gained to gain access. Information cannot be
gained during a session and used for subsequent sessions, as a random number is chosen
each time. The server will not authenticate if TS’ != TS, and TS’ is calculated using a secure
hash; even if the hash were known, TS’ could only be calculated using Z, and we cannot
know this value without the password. The client PC also cannot be authenticated, as we
could not generate the correct TC value: this requires the knowledge/calculation of Z.
Q4. Multilevel Security
i)
ii)