Read the book Cryptography, Information Theory, and Error-Correction - Aiden A. Bruen - Page 79
3.8 Intruder‐in‐the‐Middle Attack on the Diffie–Hellman (or Elliptic Curve) Key‐Exchange
We concentrate on the Diffie–Hellman key‐exchange. The Elliptic Curve key‐exchange discussed in Chapter 6 is very similar, the main difference being that it uses a different group.
Basically, the intruder Eve impersonates B to A and A to B. We use the notation of Section 3.7. Eve chooses an exponent , and intercepts both from A to B and from B to A. The procedure is as follows:
1 Eve intercepts from A to B and sends to A.
2 Eve computes , i.e. .
3 A computes . Thus, Eve and A have a common secret key .
4 Eve intercepts from B to A and sends to B. Then Eve and B establish a common secret key . .
When A sends a message to B encrypted with then Eve intercepts it, decrypts it with , encrypts it with and sends it to B. B decrypts it with .
A and B have no idea that Eve is in possession of their secret. To avoid the attack, A and B need a procedure that authenticates A(B) to B(A). One way of achieving this is by using digital signatures.
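The exchange above, with and without the signature check, as an added example that is not from the book. The toy group `P`, `G`, the textbook RSA keys built from fixed Mersenne primes, and all function and variable names are assumptions made for illustration; A and B are assumed to already hold each other's authentic public signing keys.

```python
import hashlib
import secrets

P, G = 2**127 - 1, 3  # toy group (assumption): a Mersenne prime, far too small for real use

def dh_keypair():
    x = secrets.randbelow(P - 3) + 2          # private exponent
    return x, pow(G, x, P)                    # (private, public)

def rsa_keygen(p, q, e=65537):
    # Textbook RSA from fixed Mersenne primes: constructed toy keys, illustration only.
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def _digest(value, n):
    return int.from_bytes(hashlib.sha256(str(value).encode()).digest(), "big") % n

def sign(priv, value):
    n, d = priv
    return pow(_digest(value, n), d, n)

def verify(pub, value, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(value, n)

PUB_A, PRIV_A = rsa_keygen(2**127 - 1, 2**89 - 1)   # A's long-term signing key
PUB_B, PRIV_B = rsa_keygen(2**107 - 1, 2**61 - 1)   # B's long-term signing key

def exchange(intruder, authenticated):
    """Return (key_A, key_B, eve_keys), or None if a signature check aborts the run."""
    a, pub_a = dh_keypair()
    b, pub_b = dh_keypair()
    sig_a, sig_b = sign(PRIV_A, pub_a), sign(PRIV_B, pub_b)
    seen_by_b, seen_by_a, eve_keys = pub_a, pub_b, None
    if intruder:
        e, pub_e = dh_keypair()
        seen_by_b = seen_by_a = pub_e        # Eve's value replaces both public values
        eve_keys = (pow(pub_a, e, P), pow(pub_b, e, P))
    if authenticated:
        # Each side checks the peer's signature over the value it actually received.
        if not (verify(PUB_A, seen_by_b, sig_a) and verify(PUB_B, seen_by_a, sig_b)):
            return None
    return pow(seen_by_a, a, P), pow(seen_by_b, b, P), eve_keys
```

Without authentication the intruded run completes and A and B hold different keys, each shared with Eve; with the check, the substituted value fails verification and the run aborts. Deployed protocols sign more than the sender's own public value (for example the full handshake transcript) to also rule out replay.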