Systemsicherheit/Assignment 4 - Protokollsicherheit (Praxis)/abgabe.tex

\documentclass[11pt]{scrartcl}

\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage[ngerman]{babel}
\usepackage{lmodern}
\usepackage{graphicx}
\usepackage{listings}
\usepackage{xspace}
\usepackage{amsmath}
\usepackage{algorithm}
\usepackage{algpseudocode}
\usepackage{xifthen}
\usepackage{xcolor}
\usepackage[a4paper,lmargin={2cm},rmargin={2cm},tmargin={2.5cm},bmargin = {2.5cm},headheight = {4cm}]{geometry}
\usepackage{amsmath,amssymb,amstext,amsthm}
\usepackage[shortlabels]{enumitem}
\usepackage[headsepline]{scrlayer-scrpage} 
\pagestyle{scrheadings} 
\usepackage{titling}
\usepackage{etoolbox}
\usepackage{tikz}

\usetikzlibrary{shapes, arrows, calc, automata, arrows.meta, positioning,decorations.pathmorphing,backgrounds,decorations.markings,decorations.pathreplacing, graphs}
\usetikzlibrary{matrix,shapes,arrows,positioning,chains, calc}
\usetikzlibrary{arrows.meta,matrix,shapes,arrows,positioning,chains, calc}

\tikzset{% 
    initial text={},
    state/.style={circle, draw, minimum size=.6cm},
    every initial by arrow/.style={-stealth},
    every loop/.append style={-stealth},
    >=stealth
}

\ohead{\parbox[t]{.5\linewidth}{\raggedleft \theauthor}}
\ihead{System Security, SoSe 24, Assignment \thesheetnr}

% Sheet number
\newcounter{sheetnr}
\newcommand{\sheetnr}[1]{\setcounter{sheetnr}{#1}}

% Exercise environments
\newenvironment{exercise}[2][]{\section*{#2\expandafter\ifstrempty\expandafter{#1}{}{\ #1}}}{}
\newenvironment{subexercises}{\begin{enumerate}[a), font=\bfseries, wide, labelindent=0pt]}{\end{enumerate}}
\newenvironment{subsubexercises}{\begin{enumerate}[i), font=\bfseries, wide, labelindent=0pt]}{\end{enumerate}}

% Makros
% MACRO for whole diagram 
% #1: total width of diagram 
% #2: total height of diagram 
% #3: nodes, paths, ... 
\newcommand\protocolflow[3]{ 
\begin{center} 
\begin{tikzpicture}[x=#1cm,y=#2cm] 
#3 
\end{tikzpicture} 
\end{center} 
}
% MACRO for path line shortening 
% #1: start coordinate 
% #2: target coordinate 
% #3: text above arrow 
\newcommand{\package}[3]{ 
\path[*-{latex[width=5pt, length=5pt]}] (#1) edge node [above] {#3} (#2); 
}

% Anpassen --> %
\author{Benjamin Haschka\\Sascha Tommasone\\Paul Zinselmeyer}
\sheetnr{4}
% <-- Anpassen %

\begin{exercise}[Warm Up]{2.1.}
\protocolflow{1.5}{0.75}{ 
    \node[] (A) at (0,0) {\textbf{Alice}};
    \node[] (E) at (3,0) {\textbf{Eve}};
    \node[] (S) at (7,0) {\textbf{Server}}; 
    \node[] (B) at (10,0) {\textbf{Bob}};
    \package{0,-1}{3,-1}{$Alice, Bob$}
    \package{3,-2}{7,-2}{$Alice, \textcolor{red}{Eve}$}
    \package{7,-3}{0,-3}{$\{ K \}_{K_{AT}}, \{ K \}_{\textcolor{red}{K_{ET}}}$}
    \package{0,-4}{3,-4}{$Trent, Alice, \{ K \}_{\textcolor{red}{K_{ET}}}$}
    \package{3,-5}{0,-5}{$\{ Hello\ Alice! \}_K$}
}
\textbf{Assumptions}
\begin{itemize}
    \item[(1)] Eve ist Nutzer des Protokolls, damit ein \textit{Key Encryption Key} (KEK) $K_{ET}$ zwischen ihr und dem KDC existiert.
    \item[(2)] Eve unterliegt dem Angreifermodell \textit{aktiver MitM}.
\end{itemize}

\noindent
\textbf{Attack}
\begin{enumerate}
    \item Eve fängt die erste Nachricht [$Alice, Bob$] von Alice ab, ersetzt $Bob$ durch ihren eigenen Namen und leitet die Nachricht anschließend an den Server weiter.
    \item Der Server antwortet mit [$\{ K \}_{K_{AT}}, \{ K \}_{K_{ET}}$]. Eve lässt diese Nachricht durch.
    \item Nachdem Alice den Session Key erhalten hat, schickt sie den mit $K_{ET}$ verschlüsselten Session Key $K$ an Bob. Damit Bob weiß, mit wem der Session Key ist und wie dieser verschlüsselt ist, schickt Alice nicht nur das Chiffrat, sondern $Trent, Alice$ ebenfalls mit.
    \item Eve fängt die Nachricht [$Trent, Alice, \{ K \}_{K_{ET}}$] ab. Aus (1) folgt, dass Eve in Besitz von $K_{ET}$ ist und kann daher den Session Key $K$ entpacken. Um das Protokoll zu beenden, und Alice endgültig davon zu überzeugen, dass sie Bob ist, schickt Eve $\{ Hello\ Alice! \}_K$ an Alice zurück.
\end{enumerate}

\noindent
\textbf{Evaluation}
\begin{itemize}
    \item 
\end{itemize}
\end{exercise}

\newpage
\begin{exercise}[Key Establishment]{2.2.}
\protocolflow{1.5}{0.75}{ 
 \node[] (A) at (0,0) {\textbf{Alice}};
 \node[] (E) at (5,0) {\textbf{Eve}};
 \node[] (B) at (8,0) {\textbf{Bob}};
 \node[] (CA) at (-1,-4.5) {\text{check $N_A$}};
 \package{0,-1}{5,-1}{$ID_A, N_A$}
 \textcolor{red}{\package{5,-2}{0,-2}{$ID_A, N_A$}}
 \package{0,-3}{5,-3}{$\{ N_A, K'_{AB} \}_{K_{AB}}$}
 \textcolor{red}{\package{5,-4}{0,-4}{$\{ N_A, K'_{AB} \}_{K_{AB}}$}}
 \package{0,-5}{5,-5}{$\{ N_A \}_{K'_{AB}}$}
 \package{5,-6}{0,-6}{\textcolor{red}{$N'_B$}}
}
\end{exercise}

\newpage
\begin{exercise}[Authentication without Trusted Party]{2.3.}

\end{exercise}

\newpage
\begin{exercise}[Authentication with Trusted Party]{2.4.}

\end{exercise}
\end{document}
[Assignment-4] added latex template 2024-05-25 10:00:30 +02:00			`\documentclass[11pt]{scrartcl}`

			`\usepackage[utf8]{inputenc}`
			`\usepackage[T1]{fontenc}`
			`\usepackage[ngerman]{babel}`
			`\usepackage{lmodern}`
			`\usepackage{graphicx}`
			`\usepackage{listings}`
			`\usepackage{xspace}`
			`\usepackage{amsmath}`
			`\usepackage{algorithm}`
			`\usepackage{algpseudocode}`
			`\usepackage{xifthen}`
[Assignment-4] added protocol scheme for mitm 2024-05-25 10:20:51 +02:00			`\usepackage{xcolor}`
[Assignment-4] added latex template 2024-05-25 10:00:30 +02:00			`\usepackage[a4paper,lmargin={2cm},rmargin={2cm},tmargin={2.5cm},bmargin = {2.5cm},headheight = {4cm}]{geometry}`
			`\usepackage{amsmath,amssymb,amstext,amsthm}`
			`\usepackage[shortlabels]{enumitem}`
			`\usepackage[headsepline]{scrlayer-scrpage}`
			`\pagestyle{scrheadings}`
			`\usepackage{titling}`
			`\usepackage{etoolbox}`
			`\usepackage{tikz}`

			`\usetikzlibrary{shapes, arrows, calc, automata, arrows.meta, positioning,decorations.pathmorphing,backgrounds,decorations.markings,decorations.pathreplacing, graphs}`
			`\usetikzlibrary{matrix,shapes,arrows,positioning,chains, calc}`
[Assignment-4] added protocol scheme for mitm 2024-05-25 10:20:51 +02:00			`\usetikzlibrary{arrows.meta,matrix,shapes,arrows,positioning,chains, calc}`
[Assignment-4] added latex template 2024-05-25 10:00:30 +02:00
			`\tikzset{%`
			`initial text={},`
			`state/.style={circle, draw, minimum size=.6cm},`
			`every initial by arrow/.style={-stealth},`
			`every loop/.append style={-stealth},`
			`>=stealth`
			`}`

			`\ohead{\parbox[t]{.5\linewidth}{\raggedleft \theauthor}}`
			`\ihead{System Security, SoSe 24, Assignment \thesheetnr}`

			`% Sheet number`
			`\newcounter{sheetnr}`
			`\newcommand{\sheetnr}[1]{\setcounter{sheetnr}{#1}}`

			`% Exercise environments`
			`\newenvironment{exercise}[2][]{\section*{#2\expandafter\ifstrempty\expandafter{#1}{}{\ #1}}}{}`
			`\newenvironment{subexercises}{\begin{enumerate}[a), font=\bfseries, wide, labelindent=0pt]}{\end{enumerate}}`
			`\newenvironment{subsubexercises}{\begin{enumerate}[i), font=\bfseries, wide, labelindent=0pt]}{\end{enumerate}}`

			`% Makros`
[Assignment-4] added protocol scheme for mitm 2024-05-25 10:20:51 +02:00			`% MACRO for whole diagram`
			`% #1: total width of diagram`
			`% #2: total height of diagram`
			`% #3: nodes, paths, ...`
			`\newcommand\protocolflow[3]{`
			`\begin{center}`
			`\begin{tikzpicture}[x=#1cm,y=#2cm]`
			`#3`
			`\end{tikzpicture}`
			`\end{center}`
			`}`
			`% MACRO for path line shortening`
			`% #1: start coordinate`
			`% #2: target coordinate`
			`% #3: text above arrow`
			`\newcommand{\package}[3]{`
			`\path[*-{latex[width=5pt, length=5pt]}] (#1) edge node [above] {#3} (#2);`
			`}`
[Assignment-4] added latex template 2024-05-25 10:00:30 +02:00
			`% Anpassen --> %`
			`\author{Benjamin Haschka\\Sascha Tommasone\\Paul Zinselmeyer}`
			`\sheetnr{4}`
			`% <-- Anpassen %`

			`\begin{exercise}[Warm Up]{2.1.}`
[Assignment-4] added protocol scheme for mitm 2024-05-25 10:20:51 +02:00			`\protocolflow{1.5}{0.75}{`
[Assignment-4] added mitm Assumptions and Attack 2024-05-25 11:31:48 +02:00			`\node[] (A) at (0,0) {\textbf{Alice}};`
			`\node[] (E) at (3,0) {\textbf{Eve}};`
			`\node[] (S) at (7,0) {\textbf{Server}};`
			`\node[] (B) at (10,0) {\textbf{Bob}};`
			`\package{0,-1}{3,-1}{$Alice, Bob$}`
			`\package{3,-2}{7,-2}{$Alice, \textcolor{red}{Eve}$}`
			`\package{7,-3}{0,-3}{$\{ K \}_{K_{AT}}, \{ K \}_{\textcolor{red}{K_{ET}}}$}`
			`\package{0,-4}{3,-4}{$Trent, Alice, \{ K \}_{\textcolor{red}{K_{ET}}}$}`
			`\package{3,-5}{0,-5}{$\{ Hello\ Alice! \}_K$}`
[Assignment-4] added protocol scheme for mitm 2024-05-25 10:20:51 +02:00			`}`
[Assignment-4] added mitm Assumptions and Attack 2024-05-25 11:31:48 +02:00			`\textbf{Assumptions}`
			`\begin{itemize}`
			`\item[(1)] Eve ist Nutzer des Protokolls, damit ein \textit{Key Encryption Key} (KEK) $K_{ET}$ zwischen ihr und dem KDC existiert.`
			`\item[(2)] Eve unterliegt dem Angreifermodell \textit{aktiver MitM}.`
			`\end{itemize}`

			`\noindent`
			`\textbf{Attack}`
			`\begin{enumerate}`
			`\item Eve fängt die erste Nachricht [$Alice, Bob$] von Alice ab, ersetzt $Bob$ durch ihren eigenen Namen und leitet die Nachricht anschließend an den Server weiter.`
			`\item Der Server antwortet mit [$\{ K \}_{K_{AT}}, \{ K \}_{K_{ET}}$]. Eve lässt diese Nachricht durch.`
			`\item Nachdem Alice den Session Key erhalten hat, schickt sie den mit $K_{ET}$ verschlüsselten Session Key $K$ an Bob. Damit Bob weiß, mit wem der Session Key ist und wie dieser verschlüsselt ist, schickt Alice nicht nur das Chiffrat, sondern $Trent, Alice$ ebenfalls mit.`
			`\item Eve fängt die Nachricht [$Trent, Alice, \{ K \}_{K_{ET}}$] ab. Aus (1) folgt, dass Eve in Besitz von $K_{ET}$ ist und kann daher den Session Key $K$ entpacken. Um das Protokoll zu beenden, und Alice endgültig davon zu überzeugen, dass sie Bob ist, schickt Eve $\{ Hello\ Alice! \}_K$ an Alice zurück.`
			`\end{enumerate}`

			`\noindent`
			`\textbf{Evaluation}`
			`\begin{itemize}`
			`\item`
			`\end{itemize}`
[Assignment-4] added latex template 2024-05-25 10:00:30 +02:00			`\end{exercise}`

			`\newpage`
			`\begin{exercise}[Key Establishment]{2.2.}`
[Assignment-4] added protocol scheme for slke 2024-05-25 10:48:57 +02:00			`\protocolflow{1.5}{0.75}{`
			`\node[] (A) at (0,0) {\textbf{Alice}};`
			`\node[] (E) at (5,0) {\textbf{Eve}};`
			`\node[] (B) at (8,0) {\textbf{Bob}};`
			`\node[] (CA) at (-1,-4.5) {\text{check $N_A$}};`
			`\package{0,-1}{5,-1}{$ID_A, N_A$}`
			`\textcolor{red}{\package{5,-2}{0,-2}{$ID_A, N_A$}}`
			`\package{0,-3}{5,-3}{$\{ N_A, K'_{AB} \}_{K_{AB}}$}`
			`\textcolor{red}{\package{5,-4}{0,-4}{$\{ N_A, K'_{AB} \}_{K_{AB}}$}}`
			`\package{0,-5}{5,-5}{$\{ N_A \}_{K'_{AB}}$}`
			`\package{5,-6}{0,-6}{\textcolor{red}{$N'_B$}}`
			`}`
[Assignment-4] added latex template 2024-05-25 10:00:30 +02:00			`\end{exercise}`

			`\newpage`
			`\begin{exercise}[Authentication without Trusted Party]{2.3.}`

			`\end{exercise}`

			`\newpage`
			`\begin{exercise}[Authentication with Trusted Party]{2.4.}`

			`\end{exercise}`
			`\end{document}`