Presentation is loading. Please wait.

Presentation is loading. Please wait.

Key Exchange, Man-in-the-Middle Attack

Published byFrieda Tiedeman Modified over 4 years ago

Similar presentations

Presentation on theme: "Key Exchange, Man-in-the-Middle Attack"— Presentation transcript:

1 Key Exchange, Man-in-the-Middle Attack
Network Security

2 Key Exchange, Man-in-the-Middle Attack
Objectives of the Topic After completing this topic, a student will be able to describe Man-in-the-Middle Attack while performing key exchange.

3 Key Exchange, Man-in-the-Middle Attack
Figures and material in this topic have been adapted from “Network Security Essentials : Applications and Standards”, 2014, by William Stallings.

4 Key Exchange, Man-in-the-Middle Attack
Key Exchange Protocol: An Example Suppose that user A wishes to set up a connection with user B and use a secret key to encrypt messages on that connection.

5 Key Exchange, Man-in-the-Middle Attack
User A can generate a one-time private key XA, calculate public value YA, and send that to user B. User B responds by generating a private value XB, calculating YB, and sending YB to user A.

6 Key Exchange, Man-in-the-Middle Attack
Both users can now calculate the key. The necessary public values q and α would need to be known ahead of time.

7 Key Exchange, Man-in-the-Middle Attack

8 Key Exchange, Man-in-the-Middle Attack
Key Exchange Protocol: Another Example Suppose that a group of users (e.g., all users on a LAN) each generate a long-lasting private value Xi (for user i) and calculate a public value Yi.

9 Key Exchange, Man-in-the-Middle Attack
These public values, together with global public values for q and α, are stored in some central directory.

10 Key Exchange, Man-in-the-Middle Attack
At any time, user j can access user i’s public value, calculate a secret key, and use that to send an encrypted message to user i.

11 Key Exchange, Man-in-the-Middle Attack
If the central directory is trusted, then this form of communication provides both confidentiality and a degree of authentication.

12 Key Exchange, Man-in-the-Middle Attack
However, the technique does not protect against replay attacks.

13 Key Exchange, Man-in-the-Middle Attack
Suppose Alice and Bob wish to exchange keys, and Darth is the adversary. The man-in-the-middle attack proceeds as follows

14 Key Exchange, Man-in-the-Middle Attack
1. Darth prepares for the attack by generating two random private keys XD1 and XD2 and then computing the corresponding public keys YD1 and YD2.

15 Key Exchange, Man-in-the-Middle Attack
2. Alice transmits YA to Bob. 3. Darth intercepts YA and transmits YD1 to Bob. Darth also calculates K2 = (YA)XD2 mod q.

16 Key Exchange, Man-in-the-Middle Attack
4. Bob receives YD1 and calculates K1 = (YD1)XB mod q. 5. Bob transmits YB to Alice. 6. Darth intercepts YB and transmits YD2 to Alice. Darth calculates K1 = (YB)XD1 mod q.

17 Key Exchange, Man-in-the-Middle Attack
7. Alice receives YD2 and calculates K2 = (YD2)XA mod q.

18 Key Exchange, Man-in-the-Middle Attack
At this point, Bob and Alice think that they share a secret key, but instead Bob and Darth share secret key K1 and Alice and Darth share secret key K2. All future communication bet. Bob and Alice works in following way.

19 Key Exchange, Man-in-the-Middle Attack
1. Alice sends an encrypted message M: E(K2, M). 2. Darth intercepts the encrypted message and decrypts it to recover M. 3. Darth sends Bob E(K1, M) or E(K1, M′), where M′ is any message.

20 Key Exchange, Man-in-the-Middle Attack
In the first case, Darth simply wants to eavesdrop on the communication without altering it. In the second case, Darth wants to modify the message going to Bob.

21 Key Exchange, Man-in-the-Middle Attack

22 Key Exchange, Man-in-the-Middle Attack
The key exchange protocol is vulnerable to such an attack because it does not authenticate the participants. End

Download ppt "Key Exchange, Man-in-the-Middle Attack"

Similar presentations

The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Diffie-Hellman Key Exchange

Diffie-Hellman Key Exchange
Key Management and Diffie- Hellman Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther.

Key Management and Diffie- Hellman Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther.
Public-Key Cryptography CS110 Fall 2002. Conventional Encryption.

Public-Key Cryptography CS110 Fall Conventional Encryption.
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.

10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.

PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.

Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
CSE 331: Introduction to Networks and Security Fall 2001 Instructor: Carl A. Gunter Encrypted Knock Knock.

CSE 331: Introduction to Networks and Security Fall 2001 Instructor: Carl A. Gunter Encrypted Knock Knock.
PUBLIC KEY CRYPTOGRAPHY ALGORITHM Concept and Example 1IT352 | Network Security |Najwa AlGhamdi.

PUBLIC KEY CRYPTOGRAPHY ALGORITHM Concept and Example 1IT352 | Network Security |Najwa AlGhamdi.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,

1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Key Management Network Systems Security Mort Anvari.

Key Management Network Systems Security Mort Anvari.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.

1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:

Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Homework #1 J. H. Wang Oct. 9, 2012.

Homework #1 J. H. Wang Oct. 9, 2012.
Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication.

Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication.

Similar presentations

Ads by Google