3.8.pki - CS 161 Computer Security Spring 2010...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: CS 161 Computer Security Spring 2010 Paxson/Wagner Notes 3/8 Key Management In this lecture, we’ll talk about how to manage keys. For instance, how does Alice find out Bob’s public key? Does it matter? 1 Cryptographic Hash Functions See the 3/5 notes for material on cryptographic hash functions. 2 Man-in-the-middle Attacks Suppose Alice wants to communicate security with Bob over an insecure communication channel, but she doesn’t know his public key (and he doesn’t know hers). A naive strategy is that she could just send Bob a message asking him what his public key is, and accept whatever response she gets back (over the insecure communication channel). Alice would then encrypt her message using the public key she received in this way. This naive strategy is insecure. An active attacker could tamper with Bob’s response, replacing the public key in Bob’s response with the attacker’s public key. When Alice encrypts her message, she’ll be encrypting it under the attacker’s public key, not Bob’s public key. When Alice transmits the resulting ciphertext over the insecure communication channel, the attacker can observe the ciphertext, decrypt it with his (the attacker’s) private key, and learn the secret message that Alice was trying to send to Bob. You might think that Bob could detect this attack when he receives a ciphertext that he is unable to decrypt using his own private key. However, an active attacker can prevent Bob from noticing the attack. After decrypting the ciphertext Alice sent and learning the secret message that Alice wanted to send, the attacker could re-encrypt Alice’s message under Bob’s public key and tamper with Alice’s packet to replace her ciphertext with the new ciphertext generated by the attacker. In this way, neither Alice nor Bob would have any idea that something has gone wrong. This allows an active attacker to spy on Alice’s secret messages to Bob, without breaking any of the cryptography. If Alice and Bob are having a two-way conversation, and they both exchange their public keys over an insecure communication channel, then an attacker could mount a similar attack on both directions. As a result, the attacker will get to observe all of the secret messages that Alice and Bob send to each other, but neither Alice nor Bob will have any idea that something has gone wrong. This is known as a “man-in-the- middle” attack, because the attacker interposes himself in between Alice and Bob. Man-in-the-middle attacks were possible in this example because Alice did not have any way of authenti- cating Bob’s alleged public key. The general strategy for preventing man-in-the-middle attacks is to ensure that every participant can verify the authenticity of other people’s public keys. But how do we do that, CS 161, Spring 2010, Notes 3/8 1 specifically? We’ll look next at several possible approaches to secure key management....
View Full Document

{[ snackBarMessage ]}

Page1 / 6

3.8.pki - CS 161 Computer Security Spring 2010...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online