Sunday, July 11, 2021

Man in the middle attack in diffie - hellman key exchange algorithm | How to prevent man in the middle attack in diffie hellman key exchange algorithm

Man in the middle attack in Diffie-Hellman Key exchange algorithm

q  What is man in the middle attack?

·  Man-in-the-middle attack (Meet-in-the-middle attack) is a common type of security attack that allows attackers to eavesdrop on the communication between two users.

· The attack takes place in between two users, allowing the attacker to “listen” to a conversation, without permission of users, hence the name “man-in-the-middle.”

·  Here’s an analogy: Alice and Bob are having a conversation; Darth (Attacker) wants to eavesdrop on the conversation but also remain transparent.

·       Darth could tell Alice that he was Bob and tell Bob that she was Alice.

·      This would lead Alice to believe she’s speaking to Bob, while actually revealing her part of the conversation to Darth.

·     Darth could then gather information from this, alter the response, and pass the message along to Bob (who thinks he’s talking to Alice).

·      As a result, Darth is able to transparently hijack their conversation.

·   Purpose of Diffie-Hellman key exchange algorithm is exchanging public keys and calculate secret keys using public keys.

·     Then subsequent messages (further communications) are encrypted using secret keys.

 

q  How man in the middle attack takes place in Diffie-Hellman Key exchange algorithm

·    Man in the middle attack in Diffie-Hellman key exchange is takes place during exchanges of public keys, it may be attacker capture the both keys and new values of keys are share with both the users.

·   Subsequent encrypted messages are read and modified by attacker. Then send to the respective user. Using this attack attacker may read and modify messages and get the benefits of user communication.

·     Let see one scenario….

 


·         As per Diffie-Hellman key exchange algorithm Alice wants to exchange key with Bob:

·         Alice, Select XA.

·         Calculate YA.

·         Bob, Select XB.

·         Calculate YB.

 


·         Darth prepares for the attack,

·         Generating two random private keys XD1 and XD2

·         Calculate public key YD1

·         Calculate public key YD2

 


·         As per key exchange algorithm, Alice transmits her public key YA to Bob.

·         Darth intercepts YA

·       Darth calculate secret key KAlice for more conversation with Alice. KAlice = (YA)XD2 mod q.

 


·    Darth transmits YD1 (in place of YA)to Bob. Bob doesn’t have an idea, YD1 is shared by Darth.

·     Bob calculate secret key K1 using YD1. Secret Key K1 = (YD1 )XB mod q.

·      Bob transmits his public key YB to Alice.

·      Darth intercepts YB.

·     Darth calculate secret key KBob  for more conversation with Bob.  KBob = (YB )XD1 mod q.


·     Darth transmits YD2 (in place of YB)to Alice. Alice doesn’t have an idea, YD2 is shared by Darth.

·       Alice calculate secret key K2 using YD2. Secret Key K2 = (YD2 )XA mod q.

·     Now, Darth will capture all subsequent messages of Alice and Bob. Read and modify all the message and send to the alice and Bob.

·   It means Alice communicate with Darth and Bob also communicate with Darth.  But Alice and Bob have think, they are communicate with each others.

·     This type of attack is called man in the middle attack in Diffie-Hellman Key Exchange.

·   We cannot easily detect man-in-the-middle attack, so we need to prevent man-in-the-middle attack before communication.

 

q  How to prevent from Man-in-the-Middle Attack

·         Strong WEP/WAP Encryption on Access Points

·         Strong Router Login Credentials

·         Virtual Private Network

·         Use of HTTPS


To learn more about Man in the middle attack in diffie-hellman key exchange algorithm, watch below video




Video : Man in the middle attack in diffie hellman key exchange

Watch more videos click here.

No comments:

Post a Comment