nadim/appliedcryptography
SHA256
1
Fork 0
Code Wiki Activity

Formatting fix

Browse source
This commit is contained in:
Nadim Kobeissi 2025-06-29 16:48:24 +02:00
parent 1070abc517
commit 09786846d4
Signed by: nadim
SSH key fingerprint: SHA256:Wq6s8he3sp5RAhp1LaLtp6R1p/43SZswtuK9csAuVcM
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
assignments/problem-sets/problem-set-4.tex
View file

@ -185,7 +185,7 @@
\item (16 points) \textbf{Broken Ratcheting Protocols:} \item (16 points) \textbf{Broken Ratcheting Protocols:}
The following two ratcheting protocols are used in messaging applications. Both contain subtle flaws that compromise their security properties. For each protocol, identify the vulnerabilities and explain their impact on forward secrecy, backward secrecy (post-compromise security), and message authentication. The following two ratcheting protocols are used in messaging applications. Both contain subtle flaws that compromise their security properties. For each protocol, identify the vulnerabilities and explain their impact on forward secrecy, backward secrecy (post-compromise security), and message authentication.
\textbf{Ratchet Protocol 1: "SimpleSafe"} \textbf{Ratchet Protocol 1: \textit{``SimpleSafe''}}
\begin{itemize} \begin{itemize}
\item Initial setup: Alice and Bob share root key $RK_0$ from an authenticated key exchange \item Initial setup: Alice and Bob share root key $RK_0$ from an authenticated key exchange
\item Message keys are derived as: $MK_i = \func{hmac}{RK_0, i}$ where $i$ is the message counter \item Message keys are derived as: $MK_i = \func{hmac}{RK_0, i}$ where $i$ is the message counter
@ -197,7 +197,7 @@
\item Messages are encrypted as: $\func{enc}{MK_i, \text{plaintext}} \| i$ \item Messages are encrypted as: $\func{enc}{MK_i, \text{plaintext}} \| i$
\end{itemize} \end{itemize}
\textbf{Ratchet Protocol 2: "DoubleStep"} \textbf{Ratchet Protocol 2: \textit{``DoubleStep''}}
\begin{itemize} \begin{itemize}
\item Initial setup: Alice and Bob each have DH key pairs $(a_0, g^{a_0})$ and $(b_0, g^{b_0})$ \item Initial setup: Alice and Bob each have DH key pairs $(a_0, g^{a_0})$ and $(b_0, g^{b_0})$
\item Two chains are maintained: \item Two chains are maintained: