applied cryptography - protocols, algorithms, and source code in c

2 alice generates a random session key encrypts it

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: s Trent and requests a session key to communicate with Bob. (2) Trent generates a random session key. He encrypts two copies of it: one in Alice’s key and the other in Bob’s key. Trent sends both copies to Alice. (3) Alice decrypts her copy of the session key. (4) Alice sends Bob his copy of the session key. (5) Bob decrypts his copy of the session key. (6) Both Alice and Bob use this session key to communicate securely. This protocol relies on the absolute security of Trent, who is more likely to be a trusted computer program than a trusted individual. If Mallory corrupts Trent, the whole network is compromised. He has all of the secret keys that Trent shares with each of the users; he can read all past communications traffic that he has saved, and all future communications traffic. All he has to do is to tap the communications lines and listen to the encrypted message traffic. The other problem with this system is that Trent is a potential bottleneck. He has to be involved in every key exchange. If Trent fails, that disrupts the entire system. Key Exchange with Public-Key Cryptography The basic hybrid cryptosystem was discussed in Section 2.5. Alice and Bob use public-key cryptography to agree on a session key, and use that session key to encrypt data. In some practical implementations, both Alice’s and Bob’s signed public keys will be available on a database. This makes the key-exchange protocol even easier, and Alice can send a secure message to Bob even if he has never heard of her: (1) Alice gets Bob’s public key from the KDC. (2) Alice generates a random session key, encrypts it using Bob’s public key, and sends it to Bob. (3) Bob then decrypts Alice’s message using his private key. (4) Both of them encrypt their communications using the same session key. Man-in-the-Middle Attack While Eve cannot do better than try to break the public-key algorithm or attempt a ciphertext-only attack on the ciphertext, Mallory is a lot more powerful than Eve. Not only can he listen to messages between Alice and Bob, he can also modify messages, delete messages, and generate totally new ones. Mallory can imitate Bob when ta...
View Full Document

This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.

Ask a homework question - tutors are online