The Diffie–Hellman key exchange protocol is vulnerable to a “man-in-the-middle” attack Outline how Diffie–Hellman can be extended to protect against this attack.
DIFFIE-HELLMAN:
The Diffie-hellman key exchanging algorithm is used to exchange the key over the network. But there is no exchange of key actually what happens in Diffie-hellam key exchanging algorithm is just jointly deriving the key.
MITM(Man in the middle attack):
It is a cyber attack when data is transferring through the network if the third person can accessing the data or spying the communication is called MITM.
Vulnerability in Diffie-Hellman:
Diffie-Hellman key exchange is vulnerable to a man-in-the-middle attack. If "A" exchanging key with "B". "A" has its own public and private keys. "B" also has its own public and private keys. "C" is a hacker. "A" and "B" publicly transfer their public keys to each other. In that transformation "C" replace "A" public key with his key sends to "B" in the same way "C" replace "B" public key with his key sends to "A". After key exchange "C" decrypts any messages sent out by "A" or "B". This is Vulnerable to MITM.
How to prevent Man in the middle:
Here we can see "A" think that he exchanged key with, "B" and "B" think that he exchanged key with "A" but actually what happing is "A" and "B" both are exchanging their keys to "C" but they don't know that. Because With digital signature we can protect from Man in the middle attack. With this, we "A" can know is this key came from "B" or not. Like "B" also know is is this key came from "B" or not. So "A" and "B" can know some third party is interrupted between them. Digital Signature is used for identity is this massage or data came from that particular person or not. It's very unique value. "A" and "B" compute their signatures on the massages during the protocol. Without their private keys "C" can't know the message.
Any queries feel free to ask.
Please give your positive feedback.
Thank you.
Get Answers For Free
Most questions answered within 1 hours.