This preview shows page 1. Sign up to view the full content.
Unformatted text preview: t password, P, and have just exchanged a secret key, K, using DiffieHellman key exchange. They use P to check that their two session keys are the same (and that Eve is not attempting a maninthemiddle attack), without giving P away to Eve. (1) Alice sends Bob H´ (P, K) (2) Bob computes H´ (P, K) and compares his result with what he received from Alice. If they match he sends Alice H´(H(P, K)) (3) Alice computes H´ (H(P, K)) and compares her result with what she received from Bob. If Eve is trying a maninthemiddle attack, she shares one key, K1, with Alice, and another key, K2, with Bob. To fool Bob in step (2), she has to figure out the shared password and then send Bob H´ * (P, K2). With a normal hash function she can try common passwords until she guesses the correct one, and then successfully infiltrate the protocol. But with this hash function, many passwords are likely to produce the same value when hashed with K1. So when she finds a match, she will probably have the wrong password, and hence Bob will not be fooled. 22.7 Conference Key Distribution and Secret Broadcasting
Alice wants to broadcast a message, M, from a single transmitter. However, she doesn’t want it to be intelligible by every listener. In fact, she only wants a select subset of listeners to be able to recover M. Everyone else should get nonsense. Alice can share a different key (secret or public) with each listener. She encrypts the message in some random key, K. Then she encrypts a copy of K with each of the keys of her intended recipients. Finally, she broadcasts the encrypted message and then all of the encrypted Ks. Bob, who is listening, either tries to decrypt all the Ks with his secret key, looking for one that is correct, or, if Alice doesn’t mind everyone knowing who her message is for, he looks for his name followed by an encrypted key. Multiplekey cryptography, previously discussed, also works. Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details