Abstract by anuja a sonalker on Asymmetric Key Distribution
Test Case 3: Share Server Combined attack
Download 217.42 Kb. Pdf ko'rish
|
etd
- Bu sahifa navigatsiya:
- Chapter 5 Dual Threshold Approach
4.4.3 Test Case 3: Share Server Combined attack.
An equivalent of the Special Share should not be created from any combination of the legitimate shares owned by the Share servers. For this test, all the share servers were reprogrammed to create a share out of the shares they owned. Since, together, they have t number of shares in each set and 1 + − t k C k t number of sets, they would need to produce t+1 shares from an array of w shares where w = t C t k k t • + − 1 . The total number of possibilities they would need to try would be C w t 1 + . Even by using all C w t 1 + possible trials the share servers were unable to generate a valid signature. 52 Chapter 5 Dual Threshold Approach In the previous chapter a modified public key system was introduced for handling a special situation where a coalition needs to be formed by parties not completely sharing the same views or completely trusting each other but needing to collaborate on global issues. In this scenario of “trust-but-don’t–trust-blindly” if the Special Server were to be the focus of one’s attack, the compulsory share would fall into the hands of an attacker. While it is proven that in other circumstances of compromised entities, though there may arise a situation where the good servers may not be able to sign a certificate correctly due to insufficient number of good servers, a situation where a malicious entity would be able to get a certificate signed illegitimately does not arise. In other words, an external attacker cannot generate a meaningful signature without compromising the SS. This threat from a clever enemy, who chooses to attack the Special Server opens up a vulnerability in the algorithm. If the Special Server is attacked and compromised successfully, the attacker can send out a CSR. He only needs any t out of the k Share Servers in the system to send their signed shares, to get the bad certificate signed, which may not be a problem if the attack on the SS goes undetected. This problem can be overcome by a slight modification to the structure of the Special Server. This solution is called the Dual Threshold Approach. The structure of the Special Server is now distributed over a second hierarchical level of Distributed Special Servers within the same network. In other words, the Special Server is now a collection of Distributed Special Servers, which combine to form the Special Servers share. 53 Special Server share Distributed SS Distributed SS Distributed SS Distributed SS Distributed SS Download 217.42 Kb. Do'stlaringiz bilan baham: |
Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling
ma'muriyatiga murojaat qiling