Diffie-Hellman Algorithm and the Man-in-the-Middle Attack Problem
Diffie-Hellman Algorithm
- Diffie-Hellman was originally designed for key exchange.
- Two parties create a symmetric session key to exchange data without having to remember or store the key for future use.
- They do not need to meet to agree on the key; it can be done over the internet.
- Here X and Y = large random numbers
- P = large prime number
- g = random number (P and g are public)
- Riya chooses a large random number X and calculates R1 (R1 = g^X mod P).
- Ritu chooses a large random number Y and calculates R2 (R2 = g^Y mod P).
- Riya sends R1 to Ritu (she doesn't send the value of X; she sends only R1).
- Ritu sends R2 to Riya, but not the value of Y.
- Riya calculates K = (R2)^X mod P.
- Ritu calculates K = (R1)^Y mod P.
- The symmetric key for the session is K = (g^X mod P)^Y mod P = (g^Y mod P)^X mod P = g^XY mod P.
Example:
- Assume g = 7 and P = 23.
- Riya chooses X = 3 and calculates R1 = 7^3 mod 23 = 21.
- Ritu chooses Y = 6 and calculates R2 = 7^6 mod 23 = 4.
- Riya sends the number 21 to Ritu.
- Ritu sends the number 4 to Riya.
- Riya calculates the symmetric key K = 4^3 mod 23 = 18.
- Ritu calculates K = 21^6 mod 23 = 18.
- The value of K is the same for both Riya and Ritu.
- g^XY mod P = 7^18 mod 23 = 18.
Problem: Man-in-the-middle attack
- Diffie-Hellman on its own is not an effective method, because neither party can verify who sent the value it received: if someone else takes part in the exchange with their own secret values in place of X and Y, Riya and Ritu will never get to know that someone else is sending the messages.
- Example: A person/hacker comes in between and receives the R1 sent by Riya, then sends an artificial R1' to Ritu in its place. The hacker likewise receives the original R2 sent by Ritu, modifies it, and sends the artificial R2' to Riya.
- Neither Riya nor Ritu gets to know about the artificial values (R1', R2').
- This problem is also known as a bucket brigade attack because it resembles a short line of volunteers passing a bucket of water from person to person.
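The following is an added example, not code from the original post. It runs the exchange with the numbers used above, repeats it with both values replaced in transit, and shows that the two sides end up with different keys, which a key fingerprint compared over a separate trusted channel exposes. The substituted secret Z = 5, the `fingerprint` check and all function names are assumptions made for illustration.

```python
import hashlib

P, G = 23, 7  # toy public parameters from the example above; real use needs a large prime

def public_value(secret):
    """R = g^secret mod P, the only value that travels over the network."""
    return pow(G, secret, P)

def session_key(received, secret):
    """K = received^secret mod P, computed locally by each party."""
    return pow(received, secret, P)

def fingerprint(key):
    """Digest of the key that the two parties compare out of band (assumed check)."""
    return hashlib.sha256(str(key).encode()).hexdigest()[:16]

def exchange(x, y, in_transit=None):
    """Run one exchange; in_transit, if given, maps a sent value to what arrives."""
    r1, r2 = public_value(x), public_value(y)
    r1_at_ritu = in_transit(r1) if in_transit else r1   # R1 or artificial R1'
    r2_at_riya = in_transit(r2) if in_transit else r2   # R2 or artificial R2'
    return session_key(r2_at_riya, x), session_key(r1_at_ritu, y)

def tampering_detected(k_riya, k_ritu):
    """True when the fingerprints disagree, i.e. the parties do not share one key."""
    return fingerprint(k_riya) != fingerprint(k_ritu)

if __name__ == "__main__":
    X, Y, Z = 3, 6, 5  # X and Y from the example; Z is a constructed third-party secret

    k_riya, k_ritu = exchange(X, Y)
    print("honest run  :", k_riya, k_ritu, "detected =", tampering_detected(k_riya, k_ritu))

    # Both R1 and R2 are replaced by g^Z mod P before delivery.
    k_riya, k_ritu = exchange(X, Y, in_transit=lambda r: public_value(Z))
    print("tampered run:", k_riya, k_ritu, "detected =", tampering_detected(k_riya, k_ritu))

    # The party in the middle can derive both keys from the original R1 and R2.
    print("keys held in the middle:",
          session_key(public_value(X), Z), session_key(public_value(Y), Z))
```

The fingerprint comparison only helps if it travels over a channel the intermediary cannot alter; deployed protocols get the same effect by signing or otherwise authenticating the exchanged values.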