Cryptographic Protocols
[Figure: diagrams of the parties Alice, Bob and Trent, the second labelled with "evidence"]
Information Security/System Security – p. 110/617
Adjudicated Protocols (2)
In the real world, judges are professional adjudicators
Alice and Bob can enter a contract without a judge; a judge only sees the contract if it is brought before a court
1. Alice and Bob negotiate the terms of the contract
2. Alice signs the contract
3. Bob signs the contract
The following is only executed in case of a dispute:
4. Alice and Bob appear before a judge
5. Alice presents her evidence
6. Bob presents his evidence
7. The judge rules on the evidence
[Figure: Alice and Bob]
[Figure: smart card and terminal, the communication between card and terminal, and the Acquirer]
SDA (2)
Usually the involved parties are the following:
Issuer: who gives you the card (e.g. bank)
Certification authority: scheme operator (e.g. VISA)
Acquirer: participant in the scheme (e.g. shops, ATMs)
We’ll have a look at the protocol on the next slide
Basically, the terminal verifies that the static application data (put on the card when it was created) has not been manipulated and that the PIN is correct before going ahead with a transaction
[Figure: Kerberos, TGS, Client and Server, with message steps numbered 1 to 5]
Kerberos (3)
We’ll look at some details in just a moment
You might ask yourself what the Ticket Granting Service is for
Kerberos could check if a user is allowed to access a service and issue a ticket for the Server directly
Functionality is split between Kerberos and TGS to share workload:
Kerberos does authentication
TGS does access control for services
Kerberos is based on symmetric cryptography:
Kerberos shares a different secret key with every entity on the network
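
The split described above, as an added example that is not part of the original slides: Kerberos only authenticates, the TGS only decides access, and every ticket is protected with a secret key shared between Kerberos and one entity. Assumptions: the function names, the users, the `fileserver` service, the access-control list and the toy cipher are all constructed for illustration; real Kerberos message formats, timestamps and replay protection are left out.

```python
# Added illustration: simplified five-step Kerberos flow; toy cipher, assumed names.
import hashlib, hmac, json, os, time

def _stream(key, nonce, n):  # toy keystream (SHA-256 counter mode), stand-in for a real cipher
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(0, n, 32))
    return b"".join(blocks)[:n]

def seal(key, obj):  # encrypt-then-MAC a JSON object under a shared secret key
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

# Constructed sample data: one long-term secret key per entity, shared with Kerberos.
KEYS = {name: os.urandom(32) for name in ("alice", "bob", "tgs", "fileserver")}
ACL = {"fileserver": {"alice"}}  # held by the TGS only

def issue(user, ticket_key, reply_key):  # fresh session key: once in the ticket, once in the reply
    sk = os.urandom(32).hex()
    ticket = seal(ticket_key, {"user": user, "key": sk, "exp": time.time() + 300})
    return seal(reply_key, {"key": sk}), ticket

def check(ticket_key, ticket, authenticator):  # open a ticket, confirm sender knows its session key
    t = unseal(ticket_key, ticket)
    if unseal(bytes.fromhex(t["key"]), authenticator)["user"] != t["user"] or t["exp"] < time.time():
        raise PermissionError("bad authenticator or expired ticket")
    return t

def kerberos(user):  # steps 1-2: authentication only (reply opens only with the user's key)
    return issue(user, KEYS["tgs"], KEYS[user])

def tgs(tgt, authenticator, service):  # steps 3-4: access control only
    t = check(KEYS["tgs"], tgt, authenticator)
    if t["user"] not in ACL.get(service, ()):
        raise PermissionError(f"{t['user']} may not use {service}")
    return issue(t["user"], KEYS[service], bytes.fromhex(t["key"]))

def server(service, ticket, authenticator):  # step 5: server trusts what its own key opens
    return check(KEYS[service], ticket, authenticator)["user"]

def client(user, user_key, service):
    reply, tgt = kerberos(user)
    k1 = bytes.fromhex(unseal(user_key, reply)["key"])
    reply, ticket = tgs(tgt, seal(k1, {"user": user}), service)
    k2 = bytes.fromhex(unseal(k1, reply)["key"])
    return server(service, ticket, seal(k2, {"user": user}))
```

The server never contacts Kerberos or the TGS: a ticket that opens under its own key is its only evidence that both have vouched for the user.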