Professional Documents
Culture Documents
Gopal Pawar 161060976 B.Tech Electronics E-Security Assignment No.3 Q1) This Authentication Scheme Is One-Sided. How Can It Be Made Mutual? Ans
Gopal Pawar 161060976 B.Tech Electronics E-Security Assignment No.3 Q1) This Authentication Scheme Is One-Sided. How Can It Be Made Mutual? Ans
161060976
B.Tech Electronics
E-security
Assignment No.3
● Once PMK is computed it will act as a shared secret key. This key is to
be used as less frequently as possible so that it will be less exposed.
So it cannot be passed as a message.
● This is one drawback of WEP, while it could also be a case that a third
party is actually trying to intervene in the communication between a
subscriber and an Access Point.
● Now the only thing left for an attacker is to exor both the obtained
quantities and the resulted quantity is the keystream which was
generated by the RC4 algorithm during the encryption process of the
challenge message(plain text).
● Hence it very easy for the attacker to attack an Access Point using
the obtained information i.e. Plain Text (challenge) and Encrypted
text.
Q3) The encryption scheme is an RC4 stream cipher. How can an attacker
create a valid response for any challenge after watching just one valid
authentication?
Ans-
● The attacker does not know about any shared key but still can use the
same keystream.
● Now when the attacker wants to gain access to the Access Point, it
sends a request message.
● The attacker sends the encrypted text to the Access Point and after
the decryption process, a key is obtained to the access point.
● Now, this key is the same key that was used during the previous valid
authentication process however, the attacker has no clue about the
value of the key.
● The access point then compares the value of the key (obtained after
the decryption process) with a list of the registered keys. If it gets
matched with one of the keys the attacker is authenticated.
● Hence, after watching one valid authentication, an attacker can get
access to an access point with a valid response.