Essay is always a headache!
Send us your paper details now
We'll find the best professional writer for you!

M3A1 Lab: Challenge-Response Demo

Description

Given below are two scenarios. Read each scenario carefully and then answer the questions that follow each scenario. (see attached)

Scenario: Refer to Figures 1 and 2. The A3 and A8 algorithms were initially kept secret in the hope of preventing fraudulent calls. Eventually the algorithms were reverse engineered. This is an example where “security by obscurity” failed.

Now, respond to the following questions:

Question 1: What is the general approach of “security by obscurity”?

Question 2: Why do most security experts believe that security by obscurity is a faulty approach?

Scenario: The user’s AuC sends the triplet (R, S, CK) instead of the user’s subscription information to the MSC. In particular, the AuC does not send the user’s secret key K to the MSC in order for the MSC to compute the response S. The MSC is simply given the expected response S by the AuC. The reason is that there is not complete trust between the home network and visited network.

Now, respond to the following questions:

Question 3: Why does there need to be trust between the two networks? Be specific with regard to the scenario.

Question 4: Why is trust limited between the service providers in the home network and visited network?

Leave a Reply

Your email address will not be published. Required fields are marked *