Welcome to Scribd!

Preventing Man-in-the-Middle Attacks With Diffie-Hellman Key Exchange and Authentication

Uploaded by

0% found this document useful (0 votes)

46 views1 page

The document describes a man-in-the-middle attack on a standard authentication method using encryption with keys. It then presents a new authentication method using hashing with keys that prevents such attacks. The new method has Alice and Bob hash a password with a shared key to authenticate, then hash a challenge string with the password to further verify each other. This prevents a man-in-the-middle from being able to authenticate by reversing the hashes since they do not know the password.

Original Description:

Original Title

Anti Mitma

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

46 views1 page

Preventing Man-in-the-Middle Attacks With Diffie-Hellman Key Exchange and Authentication

Uploaded by

Achraf Houila

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 1

Search inside document

Preventing Man-in-the-Middle Attacks with

Diffie-Hellman Key Exchange and Authentication

h = hash(plaintext, salt) e = encrypt(plaintext, key) d = decrypt(ciphertext, key)

MAN IN THE MIDDLE ATTACK ON STANDARD AUTHENTICATION METHOD

Alice Mallory Bob

password = 54321 password = 54321
key = zzz alice key = zzz (DH MITMA) key = yyy
bob key = yyy (DH MITMA)
e(password,key) = passhash e(password,key) = passhash
e(54321,zzz) = "deadbeef" e(54321,yyy) = "badcoded"
SEND: "deadbeef" d(deadbeef,zzz) = 54321
e(54321,yyy) = "badcoded"
SEND->Bob: "badcoded"
RECV: "badcoded" matches
MITMA successful :(

NEW AUTHENTICATION METHOD

Alice Bob
password = 54321 password = 54321
key = zzz key = zzz
h(54321,key) = "blahwoot" h(54321,key) = "blahwoot"
SEND: "blahwoot"
RECV: "blahwoot" matches
h(ok,password) = GOOD! h(ok,password) = GOOD!
h("ok",54321) = "awesome" h("ok",54321) = "awesome"
SEND: "awesome"
RECV: "awesome" matches
pubkey now saved for future use in known_hosts
DH + authentication verified

MAN IN THE MIDDLE ATTACK ON NEW METHOD

Alice Mallory Bob

password = 54321 password = 54321
key = zzz alice key = zzz (DH MITMA) key = yyy
bob key = yyy (DH MITMA)
h(password,key) = passhash h(password,key) = passhash
h(54321,zzz) = "blahwoot" h(54321,yyy) = "wtfmate"
SEND: "blahwoot" can't reverse hash to get pass!
can't send h(ok,password) RECV: "blahwoot" != "wtfmate"
doesn't know password SEND: BAD!
RECV: BAD!
pubkey NOT saved in known_hosts
both sides fail authentication

Samy Kamkar - samy@samy.pl - August 4, 2009

The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life
From Everand
The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life
Mark Manson
Rating: 4 out of 5 stars
4/5 (5823)
The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are
From Everand
The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are
Brené Brown
Rating: 4 out of 5 stars
4/5 (1093)
Never Split the Difference: Negotiating As If Your Life Depended On It
From Everand
Never Split the Difference: Negotiating As If Your Life Depended On It
Chris Voss
Rating: 4.5 out of 5 stars
4.5/5 (852)
Principles: Life and Work
From Everand
Principles: Life and Work
Ray Dalio
Rating: 4 out of 5 stars
4/5 (612)
The Glass Castle: A Memoir
From Everand
The Glass Castle: A Memoir
Jeannette Walls
Rating: 4.5 out of 5 stars
4.5/5 (1718)
Grit: The Power of Passion and Perseverance
From Everand
Grit: The Power of Passion and Perseverance
Angela Duckworth
Rating: 4 out of 5 stars
4/5 (590)
Sing, Unburied, Sing: A Novel
From Everand
Sing, Unburied, Sing: A Novel
Jesmyn Ward
Rating: 4 out of 5 stars
4/5 (1105)
Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race
From Everand
Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race
Margot Lee Shetterly
Rating: 4 out of 5 stars
4/5 (898)
Shoe Dog: A Memoir by the Creator of Nike
From Everand
Shoe Dog: A Memoir by the Creator of Nike
Phil Knight
Rating: 4.5 out of 5 stars
4.5/5 (541)
The Perks of Being a Wallflower
From Everand
The Perks of Being a Wallflower
Stephen Chbosky
Rating: 4.5 out of 5 stars
4.5/5 (2105)
The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers
From Everand
The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers
Ben Horowitz
Rating: 4.5 out of 5 stars
4.5/5 (349)
Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future
From Everand
Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future
Ashlee Vance
Rating: 4.5 out of 5 stars
4.5/5 (474)
Bad Feminist: Essays
From Everand
Bad Feminist: Essays
Roxane Gay
Rating: 4 out of 5 stars
4/5 (1025)
The Outsider: A Novel
From Everand
The Outsider: A Novel
Stephen King
Rating: 4 out of 5 stars
4/5 (1867)
Her Body and Other Parties: Stories
From Everand
Her Body and Other Parties: Stories
Carmen Maria Machado
Rating: 4 out of 5 stars
4/5 (823)
The Sympathizer: A Novel (Pulitzer Prize for Fiction)
From Everand
The Sympathizer: A Novel (Pulitzer Prize for Fiction)
Viet Thanh Nguyen
Rating: 4.5 out of 5 stars
4.5/5 (122)
The Emperor of All Maladies: A Biography of Cancer
From Everand
The Emperor of All Maladies: A Biography of Cancer
Siddhartha Mukherjee
Rating: 4.5 out of 5 stars
4.5/5 (271)
Angela's Ashes: A Memoir
From Everand
Angela's Ashes: A Memoir
Frank McCourt
Rating: 4.5 out of 5 stars
4.5/5 (441)
Brooklyn: A Novel
From Everand
Brooklyn: A Novel
Colm Tóibín
Rating: 3.5 out of 5 stars
3.5/5 (1948)
The Little Book of Hygge: Danish Secrets to Happy Living
From Everand
The Little Book of Hygge: Danish Secrets to Happy Living
Meik Wiking
Rating: 3.5 out of 5 stars
3.5/5 (403)
A Man Called Ove: A Novel
From Everand
A Man Called Ove: A Novel
Fredrik Backman
Rating: 4.5 out of 5 stars
4.5/5 (4771)
Steve Jobs
From Everand
Steve Jobs
Walter Isaacson
Rating: 4.5 out of 5 stars
4.5/5 (809)
Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America
From Everand
Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America
Gilbert King
Rating: 4.5 out of 5 stars
4.5/5 (266)
The World Is Flat 3.0: A Brief History of the Twenty-first Century
From Everand
The World Is Flat 3.0: A Brief History of the Twenty-first Century
Thomas L. Friedman
Rating: 3.5 out of 5 stars
3.5/5 (2259)
The Art of Racing in the Rain: A Novel
From Everand
The Art of Racing in the Rain: A Novel
Garth Stein
Rating: 4 out of 5 stars
4/5 (4208)
A Tree Grows in Brooklyn
From Everand
A Tree Grows in Brooklyn
Betty Smith
Rating: 4.5 out of 5 stars
4.5/5 (1929)
The Yellow House: A Memoir (2019 National Book Award Winner)
From Everand
The Yellow House: A Memoir (2019 National Book Award Winner)
Sarah M. Broom
Rating: 4 out of 5 stars
4/5 (98)
A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story
From Everand
A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story
Dave Eggers
Rating: 3.5 out of 5 stars
3.5/5 (231)
Yes Please
From Everand
Yes Please
Amy Poehler
Rating: 4 out of 5 stars
4/5 (1903)
Team of Rivals: The Political Genius of Abraham Lincoln
From Everand
Team of Rivals: The Political Genius of Abraham Lincoln
Doris Kearns Goodwin
Rating: 4.5 out of 5 stars
4.5/5 (234)
The Woman in Cabin 10
From Everand
The Woman in Cabin 10
Ruth Ware
Rating: 3.5 out of 5 stars
3.5/5 (2522)
Wolf Hall: A Novel
From Everand
Wolf Hall: A Novel
Hilary Mantel
Rating: 4 out of 5 stars
4/5 (3973)
Fear: Trump in the White House
From Everand
Fear: Trump in the White House
Bob Woodward
Rating: 3.5 out of 5 stars
3.5/5 (738)
John Adams
From Everand
John Adams
David McCullough
Rating: 4.5 out of 5 stars
4.5/5 (2409)
On Fire: The (Burning) Case for a Green New Deal
From Everand
On Fire: The (Burning) Case for a Green New Deal
Naomi Klein
Rating: 4 out of 5 stars
4/5 (74)
The Light Between Oceans: A Novel
From Everand
The Light Between Oceans: A Novel
M.L. Stedman
Rating: 4.5 out of 5 stars
4.5/5 (789)
Manhattan Beach: A Novel
From Everand
Manhattan Beach: A Novel
Jennifer Egan
Rating: 3.5 out of 5 stars
3.5/5 (880)
The Constant Gardener: A Novel
From Everand
The Constant Gardener: A Novel
John le Carré
Rating: 3.5 out of 5 stars
3.5/5 (104)
The Unwinding: An Inner History of the New America
From Everand
The Unwinding: An Inner History of the New America
George Packer
Rating: 4 out of 5 stars
4/5 (45)
Rise of ISIS: A Threat We Can't Ignore
From Everand
Rise of ISIS: A Threat We Can't Ignore
Jay Sekulow
Rating: 3.5 out of 5 stars
3.5/5 (137)
Little Women
From Everand
Little Women
Louisa May Alcott
Rating: 4 out of 5 stars
4/5 (105)
Hyper Transport Technology
Document27 pages
Hyper Transport Technology
api-3827000
100% (1)
Sym Symphony 125 User Manual (EN)
Document24 pages
Sym Symphony 125 User Manual (EN)
Giulia_0
67% (3)
Qualitative Computer: Analyzing With Software
Document23 pages
Qualitative Computer: Analyzing With Software
Achraf Houila
No ratings yet
Computing Resource Manager Computing Resource Manager I (7282) Computing Resource Manager II (0741) Computing Resource Manager III (0740)
Document3 pages
Computing Resource Manager Computing Resource Manager I (7282) Computing Resource Manager II (0741) Computing Resource Manager III (0740)
Achraf Houila
No ratings yet
Arriving Checklist July2014 1
Document2 pages
Arriving Checklist July2014 1
Achraf Houila
No ratings yet
GPIO Option: 92-2427-01 Rev.C
Document14 pages
GPIO Option: 92-2427-01 Rev.C
Achraf Houila
No ratings yet
Tutorial
Document122 pages
Tutorial
AishwaryaNawkar
0% (1)
Product Quality For Competitive Advantage in Marketing: Meera Singh
Document4 pages
Product Quality For Competitive Advantage in Marketing: Meera Singh
Jerome Racelis
No ratings yet
Customer Training Catalog Course Descriptions: CDMA Product Technology Training
Document34 pages
Customer Training Catalog Course Descriptions: CDMA Product Technology Training
M Usman Bin Younas
No ratings yet
Script QoS PPPoE
Document5 pages
Script QoS PPPoE
cabunga2014
100% (2)
Manual Lexmark X748
Document342 pages
Manual Lexmark X748
Moisés Leonidas Brown
No ratings yet
Speaker Protection Circuit
Document3 pages
Speaker Protection Circuit
sontuyet82
0% (2)
Elcometer 266 DC High Voltage Holiday Detector Instruction Manual
Document60 pages
Elcometer 266 DC High Voltage Holiday Detector Instruction Manual
Edwin Velandia
No ratings yet
SS EN 3-7-2012 - Preview
Document18 pages
SS EN 3-7-2012 - Preview
Lethalbacon
No ratings yet
Casing Design Worksheet
Document90 pages
Casing Design Worksheet
Fauzandika Agung Prawira
No ratings yet
En 15085 Class
Document63 pages
En 15085 Class
0502ravi
100% (3)
Pro Sense Transmitters
Document3 pages
Pro Sense Transmitters
l
No ratings yet
IATF 16949 Whitepaper 148
Document3 pages
IATF 16949 Whitepaper 148
minh loc tran
No ratings yet
UMTS
Document5 pages
UMTS
bayubisworo
No ratings yet
Website Threats For Dummies
Document26 pages
Website Threats For Dummies
StarNazz
No ratings yet
3 Uptime vs. TIA-942 - Standard or Guideline
Document5 pages
3 Uptime vs. TIA-942 - Standard or Guideline
Adel Hlilou
100% (1)
Chapter 6 Laplace Transforms
Document20 pages
Chapter 6 Laplace Transforms
hanytheking
No ratings yet
Etabs Mate Quick Start - en
Document27 pages
Etabs Mate Quick Start - en
sipil
No ratings yet
G-INST-004.231-A Checklist For Displacement Type Level Instrument
Document6 pages
G-INST-004.231-A Checklist For Displacement Type Level Instrument
milton1987
No ratings yet
EN 10210-2 2006 Hot Finished Structural Hollow Sections of Non Alloy and Fine Grain Steels - Part 2 Tolerances Dimensions and Sectional Properties PDF
Document32 pages
EN 10210-2 2006 Hot Finished Structural Hollow Sections of Non Alloy and Fine Grain Steels - Part 2 Tolerances Dimensions and Sectional Properties PDF
Joao Mendes
No ratings yet
Mack 427 PDF
Document104 pages
Mack 427 PDF
Herlan Garcia
No ratings yet
Lte Tput WP 08july2016
Document15 pages
Lte Tput WP 08july2016
Bijoy Banerjee
No ratings yet
On The in Uence of Weld Porosity On Fatigue Strength: October 2016
Document2 pages
On The in Uence of Weld Porosity On Fatigue Strength: October 2016
azerai2000
No ratings yet
BuildingSMART IFC4 What Is New
Document25 pages
BuildingSMART IFC4 What Is New
laurenssen
0% (1)
Answers 4
Document14 pages
Answers 4
Nikita Laptev
No ratings yet
AutoTap Manual
Document54 pages
AutoTap Manual
Daniel Bernard
No ratings yet
Oly Tibu0038
Document3 pages
Oly Tibu0038
victor.cipriani
No ratings yet
Boeing 737-300 Vip
Document8 pages
Boeing 737-300 Vip
Juan Eduardo Salazar Zambrana
No ratings yet
SB53 Service Manual
Document26 pages
SB53 Service Manual
pieter
No ratings yet
Indesit WG 1031tpr Service Manual
Document33 pages
Indesit WG 1031tpr Service Manual
Andrea_Diaco_4695
No ratings yet