# HG changeset patch # User Christian Urban # Date 1415277125 0 # Node ID 47e06cb75837f6c90de4251fc734dd90f08f3c94 # Parent 2492b771122e3e2f60ea1f820de9b93afde25608 updated diff -r 2492b771122e -r 47e06cb75837 handouts/ho05.pdf Binary file handouts/ho05.pdf has changed diff -r 2492b771122e -r 47e06cb75837 handouts/ho05.tex --- a/handouts/ho05.tex Thu Nov 06 00:23:45 2014 +0000 +++ b/handouts/ho05.tex Thu Nov 06 12:32:05 2014 +0000 @@ -534,16 +534,17 @@ \subsubsection*{Averting Person-in-the-Middle Attacks} The idea of public-private key encryption is that one can make -public the key $K^{pub}$ which people can use to encrypt -messages for me. and I can use my key $K^{priv}$ to be the -only one that can decrypt them. While this sounds all good, it -relies that people can associate me, for example, with my -public key. That i snot so trivial as it sounds. For example, -if I would be the government, say Cameron, and try to find out -who are the trouble makers in the country, I would publish an -innocent looking webpage and say I am The Guardian newspaper -(or alternatively The Sun for all the juicy stories), publish -a public key on it, and then just wait for incoming messages. +publish the key $K^{pub}$ which people can use to encrypt +messages for me and I can use my private key $K^{priv}$ to be +the only one that can decrypt them. While this sounds all +good, it relies on the ability that people can associate me +with my public key. That is not as trivial as it sounds. For +example, if I would be the government, say Cameron, and try to +find out who are the trouble makers in the country, I would +publish an innocent looking webpage and say I am The Guardian +newspaper (or alternatively The Sun for all the juicy +stories), publish a public key on it, and then just wait for +incoming messages. This problem is supposed to be solved by using certificates. The purpose of certification organisations is that they verify 
@@ -654,13 +655,13 @@ public key. Finally $B$ checks whether the received $M_1$ matches with its first half, and if yes sends $A$ its second half $M_2$. Now $A$ and $B$ are in the possession -of $H_1$ and $H_2$, respectively $M_1$ and $M_2$ and can +of $H_1$ and $H_2$, respectively $M_1$ and $M_2$, and can decrypt the corresponding messages. Now the big question is, why on earth does this splitting of messages in half and additional message exchange help with defending against person-in-the-middle attacks? Well, -lets try to be such an attacker. As before we intercept +let's try to be such an attacker. As before we intercept the messages where public keys are exchanged and inject our own. @@ -725,7 +726,7 @@ \noindent Now $E$ is in the possession of $H_1$ and $H_2$, which it can join together in order to obtain $\{A,m\}_{K^{pub}_E}$ which it can decrypt. It seems -like from now on all is lost, but lets see: in order to +like from now on all is lost, but let's see: in order to stay undetected it must send a message to $B$. It now has two options: one is to use the newly obtained knowledge and modify $A$'s message to be @@ -770,9 +771,9 @@ With this the protocol has ended. $E$ was able to decrypt all messages, but what messages did $A$ and $B$ receive and from -whom? Do you notice that they will find out that something -strange has happened and probably not talk on this channel -anymore? I leave you to think about it. +whom? Do you notice that $A$ and $B$ will find out that +something strange has happened and probably not talk on this +channel anymore? I leave you to think about it. Recall from the beginning that a person-in-the middle attack can easily be mounted at the key fob and car 
@@ -825,10 +826,10 @@ that you sit in the ``middle'' of the communication of two people. You just have to route their traffic through a node you own. -An article in The Guardien from 2013 reveals how GCHG and the NSA at a +An article in The Guardian from 2013 reveals how GCHG and the NSA at a G20 Summit in 2009 sniffed emails from Internet cafes, monitored phone calls from delegates and attempted to listen on phone calls which were made -by Russions and which were transmitted via satelite links: +by Russians and which were transmitted via satellite links: \begin{center} \url{http://www.theguardian.com/uk/2013/jun/16/gchq-intercepted-communications-g20-summits}
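Review bot: The first ho05.tex hunk (@@ -534) introduces a grammatical regression: the unchanged context line still ends "one can make" and the new line begins "publish the key $K^{pub}$", so the paragraph now reads "one can make publish the key". Either keep the original "public the key" or also change the preceding line so it reads "one can publish the key $K^{pub}$". In the same hunk, "it relies on the ability that people can associate me" is awkward; "it relies on people being able to associate me with my public key" says the same thing cleanly, and "if I would be the government" should be "if I were the government".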
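Review bot: In the @@ -654 hunk the added comma in "of $H_1$ and $H_2$, respectively $M_1$ and $M_2$, and can" still leaves it unclear who holds which halves; since the preceding context says $B$ sends $A$ its second half $M_2$, spelling it out as "Now $A$ is in possession of $H_1$ and $H_2$, and $B$ of $M_1$ and $M_2$, and both can decrypt the corresponding messages" would remove the ambiguity.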
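Review bot: The @@ -770 hunk fixes the wording around "$A$ and $B$ will find out", but the trailing context line "Recall from the beginning that a person-in-the middle attack" is missing the last hyphen; the rest of the handout, including this hunk's own sentence, writes "person-in-the-middle", so it is worth correcting in the same change.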
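Review bot: The @@ -825 hunk corrects "Guardien", "Russions" and "satelite" but leaves "GCHG" on the same line; the cited URL in the hunk's trailing context spells it "gchq", so the text should read "GCHQ". The phrase "attempted to listen on phone calls" would also read better as "attempted to listen in on phone calls".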