
How can I impersonate Bob without creating a new session


Good morning,

I've been struggling with this protocol for the last few days and I'm out of ideas now. The goal is to impersonate Bob by just modifying or dropping packages. The attacker (me) is a proxy that sits between the clients and the servers, so any messages are first sent to me and I relay them to the servers.

I have thought about setting up two sessions and doing a reflection, but then the session key in the second message wouldn't be the same, and the task description also says that it is possible by just modifying the messages.

Can you guys please help me out?

Edit: I should add that K_AB is a long-term key and K_'AB is the session key.
