## Friday, October 22, 2021

### Man-in-the-middle attack in the Diffie-Hellman key exchange algorithm | How to prevent a man-in-the-middle attack in the Diffie-Hellman key exchange algorithm

Introduction to man in the middle attack

A man-in-the-middle attack (Meet-in-the-middle attack) is a common type of security attack that allows attackers to eavesdrop on the communication between two users.

The attack takes place in between two users, allowing the attacker to “listen” to a conversation without the users' permission, hence the name “man-in-the-middle.”

Here’s an analogy: Alice and Bob are having a conversation; Darth (Attacker) wants to eavesdrop on the conversation but also remain transparent.

Darth could tell Alice that he was Bob and tell Bob that he was Alice.

This would lead Alice to believe she’s speaking to Bob, while actually revealing her part of the conversation to Darth.

Darth could then gather information from this, alter the response, and pass the message along to Bob (who thinks he’s talking to Alice).

As a result, Darth is able to transparently hijack their conversation.

The purpose of the Diffie-Hellman key exchange algorithm is to exchange public keys and calculate secret keys using those public keys.

Subsequent messages (further communications) are then encrypted using the secret keys.

Man-in-the-middle attack in Diffie-Hellman Key exchange algorithm

A man-in-the-middle attack on the Diffie-Hellman key exchange takes place during the exchange of public keys: the attacker captures both public keys and shares new key values with both users.

Subsequent encrypted messages are read and modified by the attacker, then sent on to the respective user. Using this attack, the attacker may read and modify messages and benefit from the users' communication. Let's see one scenario.

As per the Diffie-Hellman key exchange algorithm, Alice wants to exchange a key with Bob:

As per the above diagram:

Alice, Select XA.

Calculate YA.

Bob, Select XB.

Calculate YB.

Darth prepares for the attack,

Generating two random private keys XD1 and XD2

Calculate public key YD1

Calculate public key YD2

As per key exchange algorithm, Alice transmits her public key YA to Bob.

Darth intercepts YA

Darth calculates the secret key KAlice for further conversation with Alice: KAlice = (YA)^XD2 mod q.

Darth transmits YD1 (in place of YA) to Bob. Bob has no idea that YD1 was sent by Darth.

Bob calculates the secret key K1 using YD1: K1 = (YD1)^XB mod q.

Bob transmits his public key YB to Alice.

Darth intercepts YB.

Darth calculates the secret key KBob for further conversation with Bob: KBob = (YB)^XD1 mod q.

Darth transmits YD2 (in place of YB) to Alice. Alice has no idea that YD2 was sent by Darth.

Alice calculates the secret key K2 using YD2: K2 = (YD2)^XA mod q.

Now Darth can capture all subsequent messages between Alice and Bob, read and modify them, and send them on to Alice and Bob.

This means Alice is communicating with Darth, and Bob is also communicating with Darth, but Alice and Bob think they are communicating with each other.

This type of attack is called man in the middle attack in Diffie-Hellman Key Exchange.
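The key computations from the walkthrough above, traced with small numbers in an added example that is not part of the original post. It assumes the textbook public value Y = alpha^X mod q; `alpha`, the prime `q = 23` and all private values are constructed toy numbers. It shows that Darth holds the key each endpoint derived, while Alice's and Bob's own keys no longer match each other.

```python
# Added illustration: traces the key computations from the walkthrough.
# Assumptions: Y = alpha^X mod q (textbook Diffie-Hellman); Q, ALPHA and all
# private values below are constructed toy numbers, not secure parameters.

Q, ALPHA = 23, 5  # toy prime and a primitive root of it


def public_value(x, q=Q, alpha=ALPHA):
    """Public key Y for private key X."""
    return pow(alpha, x, q)


def trace_exchange(xa, xb, xd1=None, xd2=None, q=Q):
    """Return the secret each party derives.

    With xd1 and xd2 set, Darth's public values YD1/YD2 replace YA/YB in
    transit, exactly as in the steps of the walkthrough.
    """
    ya, yb = public_value(xa, q), public_value(xb, q)
    if xd1 is None or xd2 is None:
        # Unmodified exchange: both ends derive the same secret.
        return {"alice": pow(yb, xa, q), "bob": pow(ya, xb, q)}
    yd1, yd2 = public_value(xd1, q), public_value(xd2, q)
    return {
        "alice": pow(yd2, xa, q),        # K2 = (YD2)^XA mod q
        "bob": pow(yd1, xb, q),          # K1 = (YD1)^XB mod q
        "darth_alice": pow(ya, xd2, q),  # KAlice = (YA)^XD2 mod q
        "darth_bob": pow(yb, xd1, q),    # KBob = (YB)^XD1 mod q
    }


def endpoints_agree(keys):
    """True only when Alice and Bob ended up with the same secret."""
    return keys["alice"] == keys["bob"]


if __name__ == "__main__":
    clean = trace_exchange(xa=6, xb=15)
    tampered = trace_exchange(xa=6, xb=15, xd1=3, xd2=7)
    print("clean   :", clean, "agree =", endpoints_agree(clean))
    print("tampered:", tampered, "agree =", endpoints_agree(tampered))
```
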

A man-in-the-middle attack cannot easily be detected, so it needs to be prevented before communication begins.

How to prevent from Man-in-the-Middle Attack

Strong WEP/WAP Encryption on Access Points

Strong Router Login Credentials

Virtual Private Network

Use of HTTPS
