Q5. Designing a Secure Authentication Protocol for a One-to-One Secure Messaging Platform
(a) Analysing the security strength of authentication protocols
Assume that you have been hired to design a secure mutual authentication and key establishment protocol for new messaging software. In the software, two users (e.g., Alice and Bob) need to exchange messages using a public-key cryptography based authentication protocol to achieve mutual authentication and establish a secure session key (K) before the start of the conversation, as shown in Figure-3. According to the given scenario, Alice and Bob should exchange three messages to achieve mutual authentication and establish the secure session key (K). Assume that Alice is the initiator of the communication. Alice sends “Message 1” to Bob and Bob replies with “Message 2”.
You can choose from several candidate protocols and need to analyze their security strength. The prospective security protocols are as follows:
i. In protocol-1, Message 1: {“Alice”, K, RA}Bob, Message 2: RA, RB
ii. In protocol-2, Message 1: “Alice”, {K, RA}Bob, Message 2: RA, {RB}Alice
iii. In protocol-3, Message 1: “Alice”, {K}Bob, [RA]Alice, Message 2: RA, [RB]Bob
iv. In protocol-4, Message 1: RA, {“Alice”, K}Bob, [RA]Alice, Message 2: [RA]Bob, {RB}Alice
v. In protocol-5, Message 1: {“Alice”, K, RA, RB}Bob, Message 2: RA, {RB}Alice
In this task, you need to critically analyze the above protocols and clearly explain which protocol or protocols would be secure and why. The notation is summarized below:
K : Session key
RA : Nonce generated by Alice
RB : Nonce generated by Bob
{“Message”}Alice : Encryption function that encrypts “Message” using Alice’s public key
[“Message”]Alice : Encryption function that encrypts “Message” using Alice’s private key, also known as “Message” signed by Alice
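As an added illustration (not part of the original question), the Python sketch below encodes the two listed messages of each protocol in the notation above and computes what an observer who knows every public key but no private key can read off the wire. It assumes ciphertexts are opaque and that a signature opening under someone's public key identifies the signer; the helper names (enc, sig, passive_view) and the "id:" prefix for a quoted name are made up here, and replay or man-in-the-middle behaviour is not modelled.

```python
# Added example: symbolic view of a passive observer (Trudy).
# Plain strings are atoms sent in the clear ("id:Alice" stands for the name “Alice”).
# ("enc", X, items) models {items}X and ("sig", X, items) models [items]X.

def enc(owner, *items):
    return ("enc", owner, items)

def sig(owner, *items):
    return ("sig", owner, items)

def passive_view(messages):
    """Return (atoms learned, identities exposed) for an observer who
    knows every public key but holds no private key."""
    learned, identities = set(), set()
    stack = [term for msg in messages for term in msg]
    while stack:
        term = stack.pop()
        if isinstance(term, str):
            learned.add(term)
            if term.startswith("id:"):
                identities.add(term[3:])
        elif term[0] == "sig":
            # Assumption: opening under X's public key identifies X as signer.
            identities.add(term[1])
            stack.extend(term[2])
        # "enc" terms stay opaque: Trudy has no private key to open them.
    return learned, identities

# Message 1 and Message 2 of each protocol, transcribed from the list above.
PROTOCOLS = {
    1: [[enc("Bob", "id:Alice", "K", "RA")], ["RA", "RB"]],
    2: [["id:Alice", enc("Bob", "K", "RA")], ["RA", enc("Alice", "RB")]],
    3: [["id:Alice", enc("Bob", "K"), sig("Alice", "RA")],
        ["RA", sig("Bob", "RB")]],
    4: [["RA", enc("Bob", "id:Alice", "K"), sig("Alice", "RA")],
        [sig("Bob", "RA"), enc("Alice", "RB")]],
    5: [[enc("Bob", "id:Alice", "K", "RA", "RB")], ["RA", enc("Alice", "RB")]],
}

def report():
    """Map protocol number -> (sorted atoms learned, sorted identities exposed)."""
    return {n: tuple(sorted(s) for s in passive_view(msgs))
            for n, msgs in PROTOCOLS.items()}

if __name__ == "__main__":
    for n, (learned, ids) in report().items():
        print(f"protocol-{n}: Trudy reads {learned}, can name {ids}")
```

The output covers only what a passive observer reads; whether each protocol achieves mutual authentication against an active attacker still has to be argued separately.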
(b) Designing a secure authentication protocol
Assume that Alice and Bob want you to design a secure two-message authentication protocol (one that requires only two messages to achieve mutual authentication, as shown in Figure-4) for their chat application that will provide mutual authentication and establish a session key (K) for each communication. While designing the authentication protocol, you should remember that the public keys of both the sender (e.g., Alice) and the receiver (e.g., Bob) are known to everyone in the network. Therefore, it is important to ensure the anonymity of the communicating users in the authentication protocol. For your information, if an authentication protocol provides anonymity, then an attacker cannot identify the person who is communicating. In other words, a message in an authentication protocol providing anonymity does not reveal the user’s identity.
Figure-4: Overview of the two-message secure mutual authentication and key establishment protocol
In this task, you need to explain the following with diagrams:
i. Show a two-message authentication protocol that will achieve mutual authentication for two communicating users (say, Alice and Bob).
ii. Assume Trudy is a passive attacker who can only watch messages between Alice and Bob. Trudy cannot perform any replay or Man-in-the-Middle (MiM) attack. Now, critically analyse whether or not your protocol ensures anonymity against Trudy. If your protocol does not provide anonymity, what changes are required to your protocol to ensure anonymity?