{Notes to self, programming, technology, linux, windows, git} U {Papers, reviews, games, coffee, tabletennis, ramblings} = {things worth saving}

Wednesday, March 25, 2009

On security: Authenticity

Problem

Consider two schemes that let users send a request R to a database D and receive the requested data back. Each user A has a private RSA key skA and also knows the public key of the database, pkD. One of the two schemes has a security problem. Which?

  • In the first solution the user encrypts R under D’s public key, appends his signature on the encrypted request (RSA is a public-key system, so the same key pair also provides digital signatures), and then appends his username A.
  • In the second solution the user appends his signature to the request, encrypts this under D’s public key, and appends his username A.

Solution

First method

With the first method only R is encrypted under D’s public key; the signature is not. Since the username is also appended unencrypted, a user B can intercept the message, replace A’s signature with his own signature on the encrypted request, replace the username with his own, and send the result to D. The database then processes A’s request, looks up B’s public key, encrypts the response and sends it to B instead of A. This was not supposed to happen.

Second method

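The second method avoids this by encrypting the request together with the signature under D’s public key, and by doing so we maintain authenticity: B cannot read R, so he cannot produce his own signature on it, and A’s signature does not verify against B’s public key. We can therefore conclude that the second method is the more secure one.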
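The two message formats and the substitution described under "First method" can be traced with the following added example, which is not part of the original assignment. It uses toy textbook RSA without padding; the keys, the DIRECTORY table and all function names are assumptions made for illustration.

```python
# Toy textbook RSA (no padding), only to trace the message flow; not for real use.
import hashlib

E = 65537

def keypair(p, q):  # returns ((n, e), (n, d)) built from two primes
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def rsa(key, m):  # public key encrypts/verifies, private key decrypts/signs
    n, exp = key
    return pow(m, exp, n)

def digest(value, n):
    h = hashlib.sha256(str(value).encode()).digest()
    return int.from_bytes(h, "big") % n

def sign(sk, value):
    return rsa(sk, digest(value, sk[0]))

def verify(pk, value, sig):
    return rsa(pk, sig) == digest(value, pk[0])

# Constructed keys built from Mersenne primes; D's modulus is the largest.
PK_D, SK_D = keypair(2**521 - 1, 2**607 - 1)
PK_A, SK_A = keypair(2**89 - 1, 2**127 - 1)
PK_B, SK_B = keypair(2**61 - 1, 2**107 - 1)
DIRECTORY = {"A": PK_A, "B": PK_B}  # D's username -> public key table

def send_method1(R, sk, user):
    c = rsa(PK_D, R)               # encrypt R under pkD
    return (c, sign(sk, c), user)  # signature over the ciphertext, in the clear

def send_method2(R, sk, user):     # sign R, then encrypt request and signature
    return (rsa(PK_D, R), rsa(PK_D, sign(sk, R)), user)

def db_method1(msg):
    """Return the user D would answer, or None if the signature fails."""
    c, sig, user = msg
    return user if verify(DIRECTORY[user], c, sig) else None

def db_method2(msg):
    c, c_sig, user = msg
    R, sig = rsa(SK_D, c), rsa(SK_D, c_sig)
    return user if verify(DIRECTORY[user], R, sig) else None

def resign_as_b(msg):  # B's substitution: own signature on c, own username
    return (msg[0], sign(SK_B, msg[0]), "B")
```

With method one, D accepts the re-signed message and would answer B; with method two, swapping the username or attaching B's signature on the ciphertext both fail verification.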

(solution to old assignment from dSik)
