Scribd Logo
Upload

Welcome to Scribd!

  • Cryptography 3

    Uploaded by

    Venera Makhambayeva
    5 views25 pages

    Original Title

    Cryptography3

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views25 pages

    Cryptography 3

    Uploaded by

    Venera Makhambayeva

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 25

    CRYPTOGRAPHY

    @ V E N E RV
    AGENDA

    Secret Key exchange problem

    Diffie-Hellman method

    2
    SECRET KEY
    EXCHANGE
    PROBLEM
    Alice Internet
    Bob
    K K

    M ℰ C
    𝒟
    M/
    Adversary

    : encryption algorithm (public) K : encryption / decryption key (secret)

    : decryption algorithm (public)


    4
    Alice Internet
    Bob
    Ke Kd

    M ℰ C
    𝒟
    M/
    Adversary

    : encryption algorithm (public) Ke : encryption key (public)

    : decryption algorithm (public) Kd : decryption key (secret)


    5
    SECRET KEY EXCHANGE PROBLEM

    One of the main problems of symmetric key encryption is it requires


    a secure & reliable channel for the shared key exchange.

    The Diffie-Hellman Key Exchange protocol offers a way in which a


    public channel can be used to create a confidential shared key.

    6
    DIFFIE-HELLMAN KEY EXCHANGE
    •Discovered in the 1970's

    •Allows two parties to establish a shared secret


    without ever having met
    Ralph Merkle Whitfield Diffie
    Martin Hellman
    •Diffie & Hellman paper also introduced:
    •Public-key encryption
    •Digital signatures

    7
    ALICE & BOB WITH EVE LISTENING WISH
    TO MAKE A SECRET SHARED COLOR

    8
    STEP 1 - BOTH PUBLICLY AGREE TO A
    SHARED COLOR

    9
    STEP 2 - EACH PICKS A SECRET COLOR

    10
    STEP 3 - EACH ADDS
    THEIR SECRET COLOR
    TO THE SHARED COLOR
    STEP 4 - EACH SENDS
    THE OTHER THEIR NEW
    MIXED COLOR
    EACH COMBINES THE SHARED COLOR FROM
    THE OTHER WITH THEIR OWN SECRET COLOR
    LET’S GET BACK TO MATH
    We will rely on the formula below being an easy problem one direction
    and hard in reverse.
    s = g n mod p
    Easy: given g, n, & p, solve for s
    Hard: given s, g, & p, solve for n
    And the property of
    ga*b mod p = gb*a mod p

    14
    STEP 1 –PUBLICLY SHARED
    INFORMATION
    Alice & Bob publicly agree to a large prime number called the
    modulus, or p.
    Alice & Bob publicly agree to a number called the generator, or g,
    which has a primitive root relationship with p.
    In our example we’ll assume
    p = 17
    g=3
    Eve is aware of the values of p or g.

    15
    STEP 2 – SELECT A SECRET KEY
    Alice selects a secret key, which we will call a.
    Bob selects a secret key, which we will call b.
    For our example assume:
    a = 54
    b = 24
    Eve is unaware of the values of a or b.
    STEP 3 – COMBINE SECRET KEYS WITH
    PUBLIC INFORMATION
    Alice combines her secret key of a with the public information to
    compute A.
    A = ga mod p
    A = 354 mod 17
    A = 15

    18
    STEP 3 – COMBINE SECRET KEY WITH
    PUBLIC INFORMATION
    Bob combines his secret key of b with the public information to
    compute B.
    B = gb mod p
    B = 354 mod 17
    B = 16
    STEP 4 – SHARE COMBINED VALUES
    Alice shares her combined value, A, with Bob. Bob shares his
    combined value, B, with Alice.
    Sent to Bob
    A = 15
    Sent to Alice
    B = 16
    Eve is privy to this exchange and knows the values of A and B

    20
    STEP 5 – COMPUTE SHARED KEY

    Alice computes the shared key.


    s = (B mod p)a mod p
    s = gb*a mod p
    s = 354*24 mod 17
    s=1
    Bob computes the shared key.
    s = (A mod p)a mod p
    s = ga*b mod p
    s = 324*54 mod 17
    s=1
    Vulnerabilities of Diffie-Hellman key exchange

    The most serious limitation of Diffie-Hellman in its basic form is the lack of
    authentication. Communications using Diffie-Hellman by itself are vulnerable to
    MitM. Ideally, Diffie-Hellman should be used in conjunction with a recognized
    authentication method, such as digital signatures, to verify the identities of the
    users over the public communications medium.

    Diffie-Hellman key exchange is also vulnerable to logjam attacks, specifically


    against the TLS protocol. Logjam attacks downgrade TLS connections to 512-bit
    cryptography, enabling an attacker to read and modify data that's passed through
    the connection. Diffie-Hellman key exchange can still be secure if implemented
    correctly. For example, logjam attacks won't work with a 2,048-bit key.

    22
    MAN-IN-THE-MIDDLE ATTACK
    One problem with Diffie-Hellman is that there is no authentication, and so the
    protocol is subject to a man-in-the-middle attack:
    • Alice generates g x and sends it to "Bob"
    • Eve intercepts the message:
    • Generates g v , and sends it to Bob in place of Alice's message
    • Bob receives g v , generates g y , and sends it to "Alice"
    • Eve intercepts the message:
    • Generates g w , and sends it to Alice in place of Bob's message
    • Alice computes k = (g w ) x
    • Bob computes k' = (g v ) y
    • Eve computes k = (g x ) w and k' = (g y ) v

    23
    LOGJAM ATTACK

    24
    25

    You might also like