Score:2

Digital signature with Big Brother

ch flag

I have read digital signature with Big Brother but don't understand the sequence.

One approach to digital signatures is to have a central authority that knows everything and whom everyone trusts, say Big Brother $(BB).$Each user then chooses a secret key and carries it by hand to $BB$'s office. Thus, only Alice and $BB$ know Alice's secret key, $K_A$, and so on.

When Alice wants to send a signed plaintext message, $P$, to her banker, Bob, she generates $K_A(B, R_A, t, P)$, where $B$ is Bob's identity, $R_A$ is a random number chosen by Alice, $t$ is a timestamp to ensure freshness, and $K_A(B, R_A, t, P)$ is the message encrypted with her key, $K_A.$

After then I don't understand how the following sequence works because there is nothing explained. Can anyone please explain in detail?

schroeder avatar
cn flag
When quoting from a source, please cite the source.
Score:1
gd flag

Alice - knowing $K_A$ - sends $K_A(B, R_A, t, P)$ to $BB$.

$BB$ - knowing $K_A$ - decrypts $K_A(B, R_A, t, P)$, obtaining $(B, R_A, t, P)$.

$BB$ - knowing $K_B$ and $K_{BB}$ - sends $K_B(A, R_A, t, P, K_{BB}(A, t, P))$ to Bob.

Bob - knowing $K_B$ - decrypts $K_B(A, R_A, t, P, K_{BB}(A, t, P))$, obtaining $(A, R_A, t, P, K_{BB}(A, t, P))$.

At this point you can go on reading.

Alok Maity avatar
ch flag
could you explain little, I don't understand what is happening here..
Riccardo avatar
gd flag
Maybe you don't understand the notation: $K_A(M)$ means encrypting the message $M$ using the key $K_A$. I usually write it as $Enc(M,K_A)$.
Alok Maity avatar
ch flag
all things are understood. But in last paragraph "Trudy replaying either message "-- what does mean by replaying message?
Riccardo avatar
gd flag
It means trying to impersonate Alice by sending to Bob copies of messages sent by Alice to Bob.
Alok Maity avatar
ch flag
@Riccardo here middle in attack is impossible because everything is encrypted?
Riccardo avatar
gd flag
A man-in-the-middle can only forward messages that he intercepts, but he can't impersonate $BB$ since he doesn't know others' private keys.
Alok Maity avatar
ch flag
@Riccardo but how Alice got fooled?
Riccardo avatar
gd flag
If Bob does not check for freshness of a message, he could be tricked to repeat an action that he has already taken. This is why $t$ and $R_A$ are used.
Alok Maity avatar
ch flag
@Riccardo I want to how A got attacked by any attacker?
Riccardo avatar
gd flag
The only one that can attack $A$ is $BB$, but we are assuming that $BB$ is honest.
Alok Maity avatar
ch flag
@Riccardo when $A$ is attack by $BB$, we can't caught $BB$, inspite of using timestamp. Am I right?
Riccardo avatar
gd flag
Yes, this is the problem with a central authority: you have to blindly trust it.
Alok Maity avatar
ch flag
@Riccardo So, my question is Alice has not attacking chance except by BB, when A is attack by BB timestamp is useless, why we use timestamp?
Riccardo avatar
gd flag
As I said before, the timestamp is used to prove the freshness of the message to Bob.
Alok Maity avatar
ch flag
@Riccardo "freshness of the message" means message without repeating. Alice doesn't sent any repeating message. Trudy who may be the attacker send the replay message. My question is how Trudy may be pretend as Alice? . So Alice is fooled by Trudy. Am I right?
Riccardo avatar
gd flag
There is nothing in the system that identifies the participants, so Trudy can simply say to Bob: "Hi, I am $BB$ and this is a message from Alice". If Bob does not check the message freshness, he could be fooled.
Alok Maity avatar
ch flag
@Riccardo how Trudy can get message which is repeating message sent by Alice?
Riccardo avatar
gd flag
We always assume that an attacker can intercept messages, since the communication channel is insecure.
Alok Maity avatar
ch flag
@Riccardo intercepter could be exist between Alice and BB or BB and Bob or BB could be treated as interceptor? Am I right?
Riccardo avatar
gd flag
Yes, perfectly right.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.