[Bonus question, points 5]
Consider the Zhou-Gollmann protocol describer at page 19 of previous
lecture notes. Assume that we switch the second and the third step of
the protocol. What can we say about the properties of the protocol?
- They are maintained
- We lose non-repudiation of origin
- We lose non-repudiation of recipient
- We lose both
Please motivate your answer.
Motivation:It the second and the third step of
the protocol are exchanged, then an evil recipient has the possibility of
getting the encrypted message from the sender,
and the key to decode it from the server,
without sending any message FNRR to the sender.
Hence the sender will have no evidence that the recipient received the encrypted message.