CS 556 Computer Security Fall 2010

Dr. Indrajit Ray Email: indrajit@cs.colostate.edu Department of Computer Science Colorado State University Fort Collins, CO 80523, USA

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 1 / 11

D IFFIE -H ELLMAN C RYPTOSYSTEM

D IFFIE -H ELLMAN C RYPTOSYSTEM

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 2 / 11

Dife-Hellman PKDS
D IFFIE -H ELLMAN C RYPTOSYSTEM

G G G G

First public-key type scheme proposed was a PKDS by Dife & Hellman in 1976 Strength based on the difculty of the nding discrete logarithms Cannot be used to exchange any arbitrary message Cannot be used to sign a message

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 3 / 11

Dife-Hellman PKDS
D IFFIE -H ELLMAN C RYPTOSYSTEM

1: Chooses xa 2: yB = xb mod p

1: Chooses xb

Alice
2: yA = xa mod p 3: Computes KAB

Bob
3: Computes KAB

= xa.xb mod p

= xa.xb mod p

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 4 / 11

Dife-Hellman PKDS
D IFFIE -H ELLMAN C RYPTOSYSTEM

G G

Alice and Bob wants to exchange a secret key over an insecure channel System wide constants

! p a very large prime number ( 200 digit) ! a small integer

G G

Alice chooses a secret number xa Bob chooses a secret number xb

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 5 / 11

Dife-Hellman PKDS
D IFFIE -H ELLMAN C RYPTOSYSTEM

Alice computes yA = xa mod p

! makes it public / sends to Bob

G

Bob computes yB = xb mod p

! makes it public / sends to Alice

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 6 / 11

Dife-Hellman PKDS
D IFFIE -H ELLMAN C RYPTOSYSTEM

Alice computes the secret key as

KAB = (yB )xa mod p = (xb mod p)xa mod p = xa.xb mod p
G

Bob computes the same secret key as

KAB = (yA )xb mod p = (xa mod p)xb mod p = xa.xb mod p

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 7 / 11

DH Intruder-in-the-Middle Attack
D IFFIE -H ELLMAN C RYPTOSYSTEM

3: Computes KAC and KBC

Charlie
= xa
2: yAC

mod p

1: Chooses xc
2: yCA 2: yCB

2: yBC

= xb mod p

1: Alice Chooses xa
3: Computes KAC

= xc mod p

= xc mod p

Bob
3: Computes KBC

1: Chooses xb

= xc.xa mod p

= xc.xb mod p

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 8 / 11

DH Intruder-in-the-Middle Attack
D IFFIE -H ELLMAN C RYPTOSYSTEM

Alice computes yAC = xa mod p

! This is meant for Bob, but captured by Charlie

G

Bob computes yBC = xb mod p

! This is meant for Alice, but captured by Charlie

G

Charlie computes yCA = yCB = xc mod p

! Sent to Alice; Alice believes it came from Bob ! Sent to Bob; Bob believes it came from Alice

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 9 / 11

DH Intruder-in-the-Middle Attack
D IFFIE -H ELLMAN C RYPTOSYSTEM

Alice computes secret key as

! KAC = (yCA )xa mod p = xc.xa mod p

G

Bob computes secret key as

! KBC = (yCB )xb mod p = xc.xb mod p

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 10 / 11

DH Intruder-in-the-Middle Attack
D IFFIE -H ELLMAN C RYPTOSYSTEM

G G

Charlie computes two secret keys KAC = (yAC )xc mod p = xc.xa mod p

! Alice and Charlie share this key

G

KBC = (yBC )xc mod p = xc.xb mod p

! Bob and Charlie share this key

Dr. Indrajit Ray, Computer Science Department

CS 556 - Computer Security - c 2010 Colorado State University 11 / 11