
L03_publickeycrypto


subjected to Man-in-the-Middle Attack!!

Because Alice does not know for sure if it's actually Bob who is sending her the $Y_B$.

Remedy: Publish those public numbers, i.e. a, q and $Y_A$, $Y_B$, in a "Trusted, publicly accessible directory for each person".

This also allows Alice to send Bob an encrypted message even when he is currently offline.

But how can you be sure that you are looking at the directory hosted by the "true trusted directory server"?

Man-in-the-middle (MITM) Attack

DH protocol:

1. Alice -> Bob: $\alpha^x \pmod q$
2. Bob -> Alice: $\alpha^y \pmod q$

Attack scenario

Vulnerability: lack of what?

Other Public Key Algorithms

- 1978: Merkle/Hellman (Knapsack), subsequently found to be insecure
- 1985: El Gamal (Discrete logarithm Problem)
- 1985: Miller/Koblitz (Elliptic curves)
- 1991: Digital Signature Standard (DSS) (Discrete logarithm Problem)
- And many others, too

El Gamal

El Gamal can be considered to be a generalization of the Diffie-Hellman key-exchange algorithm => still relies on the difficulty of doing discrete logarithm:

$y = \alpha^x \bmod q$

q is prime; α and x are +ve integers < q, α is a primitive root of q, and 0 < x < q-1.

Public key = (y, α, q); Private key = x

Encryption of plaintext message M (< q):

- Select k: 1 ≤ k ≤ q-2
- $C_1 = \alpha^k \bmod q$
- $C_2 = (y^k M) \bmod q$
- Ciphertext = $(C_1, C_2)$

Decryption:

$M = [C_2 \cdot (C_1^x)^{-1}] \bmod q$

where $b^{-1} \pmod q$ is the "multiplicative inverse" of b (mod q), i.e. $[b \cdot b^{-1}] \bmod q = 1 \bmod q$.

El Gamal

Encryption of plaintext message M (< q):

- Select k: 0 < k < q, relatively prime to (q-1)
- $C_1 = \alpha^k \bmod q$
- $C_2 = (y^k M) \bmod q$
- Ciphertext = $(C_1, C_2)$

Decryption:

$M = [C_2 \cdot (C_1^x)^{-1}] \bmod q$

Proof:

$[C_2 \cdot (C_1^x)^{-1}] \bmod q = [y^k M \cdot (C_1^x)^{-1}] \bmod q = [\alpha^{kx} M \cdot (C_1^x)^{-1}] \bmod q = [C_1^x \cdot M \cdot (C_1^x)^{-1}] \bmod q = M \bmod q$

because $y^k \bmod q = \alpha^{kx} \bmod q = C_1^x$ where...
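The El Gamal key generation, encryption and decryption steps above, as an added Python example that is not part of the original slides. The function names are hypothetical, and the toy values q = 19, α = 10, x = 5, k = 6, M = 17 are constructed for illustration only.

```python
import secrets

def prime_factors(n):
    """Distinct prime factors by trial division (adequate for toy moduli)."""
    found, p = set(), 2
    while p * p <= n:
        if n % p == 0:
            found.add(p)
            n //= p
        else:
            p += 1
    if n > 1:
        found.add(n)
    return found

def is_primitive_root(alpha, q):
    """q assumed prime: alpha generates Z_q^* iff alpha^((q-1)/p) != 1 for each prime p | q-1."""
    return 0 < alpha < q and all(
        pow(alpha, (q - 1) // p, q) != 1 for p in prime_factors(q - 1))

def keygen(alpha, q, x=None):
    """Return ((y, alpha, q), x) with y = alpha^x mod q and 0 < x < q-1."""
    if not is_primitive_root(alpha, q):
        raise ValueError("alpha is not a primitive root of q")
    x = secrets.randbelow(q - 2) + 1 if x is None else x
    if not 0 < x < q - 1:
        raise ValueError("private key x must satisfy 0 < x < q-1")
    return (pow(alpha, x, q), alpha, q), x

def encrypt(public, M, k=None):
    """Return (C1, C2) = (alpha^k mod q, y^k * M mod q), with k chosen fresh per message."""
    y, alpha, q = public
    k = secrets.randbelow(q - 2) + 1 if k is None else k
    if not (0 <= M < q and 1 <= k <= q - 2):
        raise ValueError("need M < q and 1 <= k <= q-2")
    return pow(alpha, k, q), (pow(y, k, q) * M) % q

def decrypt(x, q, C1, C2):
    """M = C2 * (C1^x)^-1 mod q, since C1^x = alpha^(kx) = y^k."""
    s = pow(C1, x, q)
    return (C2 * pow(s, -1, q)) % q   # modular inverse via pow needs Python 3.8+

if __name__ == "__main__":
    public, x = keygen(alpha=10, q=19, x=5)      # constructed toy parameters
    C1, C2 = encrypt(public, M=17, k=6)
    print(public, (C1, C2), decrypt(x, 19, C1, C2))
```

Real deployments use a prime q of thousands of bits, where trial-division factoring of q-1 is not feasible and parameters come from a standard group instead.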