Question

In: Computer Science

Show with a diagram or algorithm a man-in-the-middle attack on the Simple Secret Key Distribution Protocol.

  1. Show with a diagram or algorithm a man-in-the-middle attack on the Simple Secret Key Distribution Protocol.

Solutions

Expert Solution

In cryptography , a man-in-the-middle attack is a cyber attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

Suppose Alice wishes to communicate with Bob. Meanwhile, Meg wishes to intercept the conversation to eavesdrop and optionally to deliver a false message to Bob.

First, Alice asks Bob for his public key. Meg is able to intercept it.

1. Alice sends a message to Bob, which is intercepted by Meg:

Alice "Hi Bob, it's Alice. Give me your key."Meg( intercepted) Bob

2. Meg relays this message to Bob; Bob cannot tell it is not really from Alice:

Alice   Meg (intercepter) "Hi Bob, it's Alice. Give me your key." →   Bob

3. Bob responds with his encryption key thinking its alice:

Alice   Meg(intercepter)   ← [Bob's key] Bob

4. Meg replace Bob encryption key by her key and send to Alice claiming to be Bob

Alice[Bob's key]  Meg(intercepter)  Bob

5. Thinking the opposite person to be Bob, Alice Encrypt the message using Bob key and send it thinking only Bob can read it

Alice "Lets visit Library now!" [encrypted with Meg key thinking to be Bob Key] →   Meg(intercepter) Bob

6. However, because it was actually encrypted with Meg key, Meg decrypt it, read it, modify it (if desired), re-encrypt with Bob's key, and forward it to Bob:

Alice   Meg (intercepter) "Lets bunk class" [encrypted with Bob's key] →   Bob

7. Bob thinks that this message is a secure message from Alice.


Related Solutions

Explain the differences between a replay attack and a Man-in-the-middle attack.
Explain the differences between a replay attack and a Man-in-the-middle attack.
Man-in-the-middle is one of the most popular types of attack. It can be used to sniff...
Man-in-the-middle is one of the most popular types of attack. It can be used to sniff victims credentials to penetrate their system. Research the following attacks to find methods to prevent this from happening: MAC spoofing DNS poisoning DNS spoofing ICMP redirect
INTERNET OF THINGS (IOT) 28. Hackers have employed ‘Man in the Middle Attack (MITM)’ on your...
INTERNET OF THINGS (IOT) 28. Hackers have employed ‘Man in the Middle Attack (MITM)’ on your IT infrastrucutre. How would you explain (with a suitable diagram) this type of attack to your apprentice who has just started working for you?
How would you use a man-in-the-middle attack to capture a password? Provide a detailed description.
How would you use a man-in-the-middle attack to capture a password? Provide a detailed description.
1. Provide a scenario depicting a man-in-the-middle attack. 2. What will always be the weakest link...
1. Provide a scenario depicting a man-in-the-middle attack. 2. What will always be the weakest link in any security implementation? Why? 3. Define the method and purpose of social engineering.
Problem 4 | A modied man-in-the-middle attack on Diffie-Hellman Suppose Alice and Bob wish to generate...
Problem 4 | A modied man-in-the-middle attack on Diffie-Hellman Suppose Alice and Bob wish to generate a shared cryptographic key using the Diffie-Hellman protocol. As usual, they agree on a large prime p and a primitive root g of p. Suppose also that p = mq + 1 where q is prime and m is very small (so p - 1 = mq has a large prime factor, as is generally required). Since g and p are public, it is...
. (a) Draw the basic setup for quantum key distribution. (b) Explain the “intercept-resend” attack that...
. (a) Draw the basic setup for quantum key distribution. (b) Explain the “intercept-resend” attack that Eve can attempt (draw a simple figure). (c) Explain how this attack is thwarted by the quantum key distribution protocol. How can Eve’s attack be detected? (d) What does the security of quantum key distribution rely on fundamentally?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT