SECURITY and CRYPTOGRAPHY 15-827 16 OCT 01 Lecture #9 M.B. 4615 Wean READING: "The Hunting of the Snark," by Lewis Carroll. "Secure Human Identification Protocols," by Hopper and (apparently) Blum. PhonOID: I'm having trouble along several dimensions: 1. I want the protocol to be FUN. What's FUN? FUN is being able to whip out something quickly that completely stumps everyone. 2. I want it to work against CHOSEN CHALLENGE attack. There are at least 2 possible ways to try and achieve this: 2.1 RESTRICT the class of allowable challenges thru the use of an error correcting code that eliminates most challenges. or 2.2 Compute a CHECKSUM, say the sum of the challenge digits (mod 10). Use it, for example, to find a starting point. A change in one digit would then have a serious effect on the response. For example, HEALTH = 5, while WEALTH = 4. Thus the protocol on Challenge HEALTH might start at T, while on the Challenge WEALTH it would start on L. This, however, may be difficult for the arithmetically challenged. Sample protocol based on above ideas. Challenge = a word or sentence having 5 or 6 characters. CHALLENGE= JUMP DUMP BUMP HUMP HIDDEN = 5 8 6 2 RESPONSE = <2,2,4,6> <7,0,2,4> <1,0,4,6> <2,1,4,4> CHALLENGE= JUMPS DUMPS BUMPS HUMPS HIDDEN = 0 3 1 7 RESPONSE = <6,1,2,7> <9,0,4,8> <2,0,4,2> <2,1,4,8> CHALLENGE= STUMP LUMP DREAM REAM HIDDEN = 6 5 9 9 RESPONSE = <2,2,4,8> <2,2,4,4> <7,5,9,2> <8,8,0,2> CHALLENGE= STUMPS LUMPS SCREAM CREAM HIDDEN = 1 0 0 5 RESPONSE = <2,2,4,2> <6,1,2,6> <7,8,9,4> <6,4,7,2>