Computer Security- Lecture 8

Computer Security lecture 8:

Mutation and type flaw attacks on security protocols

What are mutations? Single faults in protocols/systems/programs

e.g instead of keya, It is keyc being sent to b

Mutations in protocols

XOR- note that XOR is nilpotent- X xor x is 0

A xor B= B xor A

So if intruder can work out A then it can get B

Homomorphic attacks

Can see that A sent to C- from A, nonce A- encrypted with public key of C

So C sends this to B but with public key of B

B then sends back but with public key of A

C repeats to A

So A sends to C nonce b encrypted with public of C, C sends this to B with B’s public key