All Questions
Tagged with symmetric authentication
20
questions
0
votes
1
answer
639
views
Why does symmetric encryption not provide authentication and integrity? Is it only this type of encryption or cryptology in general have this issue?
Studying for Cryptology and came across a presentation regarding on "Integrity vs Authenticity" where the discussion briefly mentions how Encryption "does not provide integrity or ...
0
votes
1
answer
75
views
Safe implicit value validation: $H_k(k \oplus m) \sim H_k(m)$?
$H_k$ is a cryptographic hash function that's keyed using a section of key material $k$ (for whatever definition of "keyed" that's appropriate for the given hash function $H$).
Are the ...
1
vote
0
answers
46
views
How LastPass decrypts database on web browser?
According to video from Dr. Pound, password managers (LastPass in particular) holds encrypted image of your data on their servers and then with master password you authenticate to get encrypted image ...
0
votes
1
answer
75
views
How to ensure files on client computer haven't been tampered with by client?
I'm designing a program that clients can download to the computer. This program needs to sync with my online server on a regular basis to confirm that the client's Activation Code hasnt expired and ...
1
vote
0
answers
46
views
Authentication by Presenting the Symmetric Key over an Encrypted Channel
I have devices which need to communicate with a server over a mutually authenticated and encrypted channel. Authenticating the server is relatively easy, since I can embed the CA certificate in the ...
0
votes
2
answers
692
views
Designing a simple challenge-response symmetric mutual authentication protocol
I am designing a protocol that 2 devices will use to mutually authenticate over an unreliable, unsecure channel. The system must be fast and low-power, so symmetric cryptography is a requirement. I ...
1
vote
1
answer
175
views
Are the signcryption and the authenticated encryption same?
The signcryption and the authenticated encryption are both the combine of encryption and authentication with three natural composition (i.e., EtS, StE, E&S). I am not sure that if they are the ...
1
vote
0
answers
58
views
Lightweight provably secure design [closed]
Is it possible to device lightweight (i.e. without asymmetric crypto and PKI; and without third party Trent) provably secure (in the exact security sense) scheme? Were there any attempts? Is it ...
0
votes
4
answers
2k
views
Why do one-time pads not provide message authentication?
It is often said that one-time pads do not provide message authentication. But, if you and I have a one-time symmetric key, and I send you a message, and it is not complete gibberish, is that itself ...
0
votes
0
answers
86
views
Authenticating without sending password to the server, and store data encrypted with password derived key on server
I am trying to think of a scheme that would allow a user to authenticate to a server, whithout sending the password to the server, and to also derive a symetric key on the client (that also never gets ...
0
votes
0
answers
60
views
How can a node establish pairwise shared key with other nodes using its own polynomial share together with other's public values?
A server has a symmetric bivariate polynomial $ F(x, y) = \sum_{{i,j}=0}^{t-1}a_{i,j}x^iy^j$ $\in GF(p)[X, Y] $ of degree $t-1$. For simpliciy, $ F(x, y) = a_{0,0}+a_{1,0} x+a_{0,1}y+ a_{1,1}xy$ mod ...
1
vote
1
answer
324
views
Why is this authentication protocol with a nonce and tree parties not secure?
Why is the following authentication service not secure?
C⟶S: $I_C$
S⟶C: $N$
C⟶S: $E(K_{C,A}, N)$
S⟶A: $E(K_{S,A}, \{I_C, E(K_{C,A}, N)\})$
A⟶S: $E(K_{S,A}, N)$
where:
C = client
S = server
A = ...
1
vote
1
answer
237
views
Is symmetric encryption with a key containing the userId passes as authentication?
The scenario:
There is a web application where ownership check is time expensive so during the development all users were able to access all other user's objects (let's say apples) by changing the ...
1
vote
2
answers
1k
views
Is the security of an HMAC equally important as the security of the cipher itself?
I'm a little unclear on how hash based MAC works... So I would like to know, is the security of your hash function as important as the security of the overall cipher? Basically, if you can crack the ...
3
votes
1
answer
581
views
(Lightweight) Multicast one-way Authentication
Problem:
I'm thinking about a lightweight solution to provide source authentication (only one source) to multiple receivers (multicast message).
Context:
Taking the problem to ground, we can think of ...