[CST-2] Security: 2000 P9 Q6
Ritchie Hughes
rnh20@hermes.cam.ac.uk
Tue, 29 May 2001 22:12:07 +0100
Hi Andrei,
> Has anybody got interesting ideas on this question?
The protocol looks like the Denning-Sacco one on page 2 of Lecture 11. Yes,
B can unpack the inner signature and mascarade as A, but it seems a bit
pointless given that no other information is sent along. I'd also have a
whinge about how dodgy timestamps are in general, too.
> But then comes the second part, where the change to the protocol
> has addressed neither the "problem" nor the attack. What can be
> written for 12 marks?
My notes say...
Oh sod it, I've just received Max's email about the marking scheme.
Hehehe... is that really true? And there was me thinking Tripos was
rigourously moderated.
Ritchie
--
email: ADDRESS@HIDDEN
web: http://ritchie.hughes.net/