Unformatted text preview: es him only to sign new keys; it does not let him decrypt any session keys or read any message traffic. To read the traffic, Mallory has to impersonate a user on the network and trick legitimate users into encrypting messages with his phony public key. Mallory can launch that kind of attack. With Trent’s private key, he can create phony signed keys to fool both Alice and Bob. Then, he can either exchange them in the database for real signed keys, or he can intercept users’ database requests and reply with his phony keys. This enables him to launch a man-in-the-middle attack and read people’s communications. This attack will work, but remember that Mallory has to be able to intercept and modify messages. In some networks this is a lot more difficult than passively sitting on a network reading messages as they go by. On a broadcast channel, such as a radio network, it is almost impossible to replace one message with another—although the entire network can be jammed. On computer networks this is easier and seems to be getting easier every day. Consider IP spoofing, router attacks, and so forth; active attacks don’t necessarily mean someone down a manhole with a datascope, and they are not limited to three-letter agencies. Key and Message Transmission
Alice and Bob need not complete the key-exchange protocol before exchanging messages. In this protocol, Alice sends Bob the message, M, without any previous key exchange protocol: (1) Alice generates a random session key, K, and encrypts M using K. EK(M) (2) Alice gets Bob’s public key from the database. (3) Alice encrypts K with Bob’s public key. EB(K) (4) Alice sends both the encrypted message and encrypted session key to Bob. EK(M), EB(K) For added security against man-in-the-middle attacks, Alice can sign the transmission. (5) Bob decrypts Alice’s session key, K, using his private key. (6) Bob decrypts Alice’s message using the session key. This hybrid system is how public-key cryptography is most often used in a communications system. It can be combined with digital signatures, timestamps, and any other security protocols. K...
View Full Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
- Fall '10