Protocol 1

Let’s learn about the flow and messages of our first candidate protocol.

We'll cover the following

Protocol assumptions
Protocol description
Protocol analysis
Remarks

Protocol assumptions

The illustration below shows our first candidate protocol’s flow and messages.

There are three assumptions we make before running this protocol:

Bob has access to a source of randomness: This is necessary because the protocol requires Bob to be able to generate a nonce. We also naturally assume that this generator is ‘secure’ enough to guarantee the unpredictability of the output.
Alice and Bob already share a symmetric key $K$ known only to them: This is necessary because the protocol requires Alice to be able to generate a MAC that Bob can verify.
Alice and Bob agree on using a strong MAC algorithm: This is necessary because if the MAC algorithm is flawed, then data origin authentication is not necessarily provided by it.

If Alice and Bob do not already share a symmetric key, they will need to run a different protocol to establish a common symmetric key $K$ .

Technically, if Alice and Bob have not already agreed on using a strong MAC algorithm to compute the MAC, then Alice could indicate the choice of MAC algorithm she’s using in her reply.

Get hands-on with 1200+ tech skills courses.

Introduction

Basic Principles

Historical Cryptosystems

Theoretical versus Practical Security

Symmetric Encryption

Public-Key Encryption

Data Integrity

Digital Signature Schemes

Entity Authentication

Cryptographic Protocols

Key Management

Public-Key Management

Cryptographic Applications

Cryptography for Personal Devices

Control of Cryptography

Mathematics Appendix

Closing Remarks

Protocol 1

Protocol assumptions