------------------------------------------------------------------------------ Mohamed G. Gouda Network Protocol Security CS 395T HW1 Solution ------------------------------------------------------------------------------ 1. process p const T : integer, /round-trip delay between p and q r : integer, /max. value for the shared key sk : 0..r-1, /shared key between p and q var t : integer, /text of current data msg nc : integer, /nonce of current data msg, init. nc.p=nc.q nc' : integer, /nonce of next data msg c : integer, /received ack ready : boolean /initially true begin ready --> ready := false; t := any; nc' := NNC; send data(NCR(sk, t|nc|nc')) to q [] rcv ack(c) from q --> if nc' = c --> ready := true; nc := nc' [] nc' <> c --> skip fi [] timeout ~ready ^ T time units have passed since first action is executed last --> send data(NCR(sk, t|nc|nc')) to q end process q const r : integer, /max. value for the shared key sk : 0..r-1 /shared key between p and q var t : integer, /text of received data msg nc : integer, /nonce of next data msg, init. nc.p=nc.q h : integer, /received data c,c' : integer /received nonces begin rcv data(h) from p --> (t, c, c') := DCR(sk, h); if nc = c --> /deliver t nc := c'; send ack(nc) to q [] nc <> c --> send ack(nc) to q fi end ------------------------------------------------------------------------------- 3. Let s be the source of the long chain and d be the destination of the long chain. for every certificate (u, v) that occurs only in the long chain do the following to disperse (u, v): add (u, v) to D.s or D.d for every certificate (u, v) that occurs only in the short chains do the following to disperse (u, v): if there is a node x such that x is the source or destination of every chain that has (u,v), then add (u, v) to D.x else add (u, v) to both D.u and D.v. for every certificate (u, v) that occurs in the long and some short chains do the following to disperse (u, v): Let D'(u,v) be the location of certificate (u,v) given a dispersal D' where (u,v) is assigned to the source s of the long chain. 1. remove from the set Y of short chains that contain (u,v) every chain whose source or destination is s 2. if Y is empty, then D'(u,v) = {s} elseif there is a node x such that x is the source or destination of every remaining chain in Y, then D'(u,v) = {s, x} else D'(u,v) = {s, u, v} Let D"(u,v) be the location of certificate (u,v) given a dispersal D" where (u,v) is assigned to the destination d of the long chain. 1. remove from the set Y of short chains that contain (u,v) every chain whose source or destination is d 2. if Y is empty, then D"(u,v) = {d} elseif there is a node x such that x is the source or destination of every remaining chain in Y, then D"(u,v) = {d, x} else D"(u,v) = {d, u, v} If |D'(u,v)| =< |D"(u,v)|, then disperse (u,v) to every D.z where z is in D'(u,v) else disperse (u,v) to every D.z where z is in D"(u,v)