Unformatted text preview: s Trent and requests a session key to communicate with Bob. (2) Trent generates a random session key. He encrypts two copies of it: one in Alice’s key and the other in Bob’s key. Trent sends both copies to Alice. (3) Alice decrypts her copy of the session key. (4) Alice sends Bob his copy of the session key. (5) Bob decrypts his copy of the session key. (6) Both Alice and Bob use this session key to communicate securely. This protocol relies on the absolute security of Trent, who is more likely to be a trusted computer program than a trusted individual. If Mallory corrupts Trent, the whole network is compromised. He has all of the secret keys that Trent shares with each of the users; he can read all past communications traffic that he has saved, and all future communications traffic. All he has to do is to tap the communications lines and listen to the encrypted message traffic. The other problem with this system is that Trent is a potential bottleneck. He has to be involved in every key exchange. If Trent fails, that disrupts the entire system. Key Exchange with PublicKey Cryptography
The basic hybrid cryptosystem was discussed in Section 2.5. Alice and Bob use publickey cryptography to agree on a session key, and use that session key to encrypt data. In some practical implementations, both Alice’s and Bob’s signed public keys will be available on a database. This makes the keyexchange protocol even easier, and Alice can send a secure message to Bob even if he has never heard of her: (1) Alice gets Bob’s public key from the KDC. (2) Alice generates a random session key, encrypts it using Bob’s public key, and sends it to Bob. (3) Bob then decrypts Alice’s message using his private key. (4) Both of them encrypt their communications using the same session key. ManintheMiddle Attack
While Eve cannot do better than try to break the publickey algorithm or attempt a ciphertextonly attack on the ciphertext, Mallory is a lot more powerful than Eve. Not only can he listen to messages between Alice and Bob, he can also modify messages, delete messages, and generate totally new ones. Mallory can imitate Bob when ta...
View
Full Document
 Fall '10
 ALIULGER
 Cryptography, Bruce Schneier, Applied Cryptography, EarthWeb, Search Search Tips

Click to edit the document details