Why are timestamps used in the Kerberos protocol

profileSuperClass
 (Not rated)
 (Not rated)
Chat

(HW1) Why are timestamps used in the Kerberos protocol (see page 27)?

(HW2) Assume that Alice shares a secret s with her company’s server computer. When Alice is on a trip, she tries to store an important message in the CEO’s account directory. This message needn’t be encrypted since confidentiality is not important here, but the CEO needs to be guaranteed that the message really is from someone who knows the secret s (e.g. Alice) when the CEO opens his/her computer the next day. A naïve protocol to achieve this may look like this:

Alice-->Server: “This is Alice, I have an important message to forward to the CEO”
Server-->Alice: “OK, please encrypt R” (where R is a random nonce)
Alice-->Server: “Es(R)” (that is, R is encrypted with the secret s)
Server-->Alice: “Please send the message”
Alice-->Server: “The CEO needs to attend a meeting in Liverpool on May 1, 2006”
The server stores this message in the CEO’s directory

Is this protocol secure? If not, how do you feel it could be modified to make it so?

  • 8 years ago
Why are timestamps used in the Kerberos protocol A+ Tutorial use as guide
NOT RATED

Purchase the answer to view it

blurred-text
  • attachment
    why_are_timestamps_used_in_the_kerberos_protocol.docx