Suppose Alice is a client of Bob\'s stockbrokering firm. She needs to send Bob o

Question

Suppose Alice is a client of Bob's stockbrokering firm. She needs to send Bob one of two messages: BUY or SELL. The attacker, Cathy, enciphers both messagtes with Bob's public key. When Alice sends her message, Cathy compares it with her messages and sees which one it matches.

Reconsider the case of Alice and her stockbroker, Bob. Suppose they decide not to use a session key. Instead, Alice pads the message (BUY or SELL) with random data.

A) Show how Cathy attacks in this case

B) Explain under what conditions this appraoch would be effective / why random pads can defeat the attack (padding the message with random data)

C) Discuss how the length of the block affects your answer.

Explanation / Answer

A) In this case Cathy will compare a set of messages and find out the first n bits which are repititive. She can then find out what length of the message is the padding and discard it. The repititive pattern bits are the actual message bits.

B) This attack will be successful only if the padding is added in the end of the actual message. If the padding is added in between the actual message bits, this attack will be defeated.

C) Using variable block length for the padding, it will not be possible to determine which bits represent the actual message and which ones are the padding. Hence, the attack wont be successful.

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.