3.8.pki - CS 161 Computer Security Spring 2010...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: CS 161 Computer Security Spring 2010 Paxson/Wagner Notes 3/8 Key Management In this lecture, well talk about how to manage keys. For instance, how does Alice find out Bobs public key? Does it matter? 1 Cryptographic Hash Functions See the 3/5 notes for material on cryptographic hash functions. 2 Man-in-the-middle Attacks Suppose Alice wants to communicate security with Bob over an insecure communication channel, but she doesnt know his public key (and he doesnt know hers). A naive strategy is that she could just send Bob a message asking him what his public key is, and accept whatever response she gets back (over the insecure communication channel). Alice would then encrypt her message using the public key she received in this way. This naive strategy is insecure. An active attacker could tamper with Bobs response, replacing the public key in Bobs response with the attackers public key. When Alice encrypts her message, shell be encrypting it under the attackers public key, not Bobs public key. When Alice transmits the resulting ciphertext over the insecure communication channel, the attacker can observe the ciphertext, decrypt it with his (the attackers) private key, and learn the secret message that Alice was trying to send to Bob. You might think that Bob could detect this attack when he receives a ciphertext that he is unable to decrypt using his own private key. However, an active attacker can prevent Bob from noticing the attack. After decrypting the ciphertext Alice sent and learning the secret message that Alice wanted to send, the attacker could re-encrypt Alices message under Bobs public key and tamper with Alices packet to replace her ciphertext with the new ciphertext generated by the attacker. In this way, neither Alice nor Bob would have any idea that something has gone wrong. This allows an active attacker to spy on Alices secret messages to Bob, without breaking any of the cryptography. If Alice and Bob are having a two-way conversation, and they both exchange their public keys over an insecure communication channel, then an attacker could mount a similar attack on both directions. As a result, the attacker will get to observe all of the secret messages that Alice and Bob send to each other, but neither Alice nor Bob will have any idea that something has gone wrong. This is known as a man-in-the- middle attack, because the attacker interposes himself in between Alice and Bob. Man-in-the-middle attacks were possible in this example because Alice did not have any way of authenti- cating Bobs alleged public key. The general strategy for preventing man-in-the-middle attacks is to ensure that every participant can verify the authenticity of other peoples public keys. But how do we do that, CS 161, Spring 2010, Notes 3/8 1 specifically? Well look next at several possible approaches to secure key management....
View Full Document

Page1 / 6

3.8.pki - CS 161 Computer Security Spring 2010...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online