This preview shows page 1. Sign up to view the full content.
Unformatted text preview: subjected to ManintheMiddle Attack !! Because Alice does
But
not know for sure if it’s actually Bob who is sending her the YB
not Remedy: Published those public numbers, i.e. a, q and YA , YB in
Remedy:
a “Trusted, publicly accessible directory for each person”
“Trusted, This also allows Alice to send Bob an encrypted message
This
even when he is currently offline.
even
But how can you be sure that you are looking at the directory
hosted by the “true trusted directory server” ?
hosted Maninthemiddle (MITM) Attack DH protocol:
1. Alice > Bob: αx (mod q)
1.
(mod
2. Bob > Alice: αy (mod q)
2.
(mod Attack scenario Vulnerability: lack of what? Other Public Key Algorithms 1978: Merkle/Hellman (Knapsack), subsequently found to be insecure
1985: El Gamal (Discrete logarithm Problem)
1985: Miller/Koblitz (Elliptic curves)
1991: Digital Signature Standard (DSS) (Discrete logarithm Problem) And many others, too El Gamal El Gamal can be considered to be a generalization of DiffieHellman keyexchange
El
algorithm => still relies on the difficulty of doing discrete logarithm:
algorithm y = αx mod q
mod q iis prime ;
s α and x are +ve integers < q and α is a primitive root of q and 0 < x < q1 Public key = (y, α, q) ; Private key = x
Public
Private Encryption of plaintext message M (< q ): Select k: 1 ≤ k ≤ q2
Select
q2 C1 = αk mod q
C1
C2 = (ykM) mod q
Ciphertext = (C1,C2) Decryption: 1
M = [C2 * (C1x )1 ] mod q
where
where
1
b1 (mod q) is the “multiplicative inverse” of b (mod q), i.e.
[b*b1 ] mod q = 1 mod q ;
[b*b 1 mod El Gamal Encryption of plaintext message M (< q ): Select k: 0< k < q, relatively prime to (q1) C1 = αk mod q
C1
C2 = (ykM) mod q
Ciphertext = (C1,C2) Decryption: 1
M = [C2 * (C1x )1 ] mod q 1
1
Proof: [C2 * (C1x )1 ]mod q = [yk M * (C1x )1 ]mod q
Proof:mod
1
1
= [αkx M * (C1x )1 ]mod q = [C1x * M * (C1x )1 ] mod q = M mod q = Mmod
mod
because yk mod q = αkx mod q = C1x
because
where...
View
Full
Document
This note was uploaded on 12/05/2013 for the course IERG 4130 taught by Professor Chowszeming,sherman during the Fall '13 term at CUHK.
 Fall '13
 CHOWSzeMing,Sherman

Click to edit the document details