John works as a professional Ethical Hacker. He has been assigned the project of testing the security
of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-inthe-middle attack since the key exchange process of the cryptographic algorithm it is using does not
thenticate participants. Which of the following cryptographic algorithms is being used by the Weare-secure server?
A.
Blowfish
B.
Twofish
C.
RSA
D.
Diffie-Hellman
Explanation:
According to this scenario, we-are-secure.com is using the Diffie-Hellman cryptographic
algorithm to encrypt data into the network. The DiffieHellman encryption was developed by Diffie and Hellman in 1976 and published in the paper named
“New Directions in Cryptography.” It is a
key agreement protocol (also called exponential key agreement) that allows two users to exchange a
secret key over an insecure medium(such as the Internet) without any prior secrets. The original protocol had two system parameters, p
and g. They are both public and may be
used by all the users in a system. The Diffie-Hellman key exchange was vulnerable to a man-in-themiddle attack, as Diffie-Hellman key
exchange does not authenticate the participants.
The current form of the Diffie-Hellman protocol (also known as authenticated Diffie-Hellman key
agreement protocol, or Station-to-Station
(STS) protocol), was developed by Diffie, Van Oorschot, and Wiener in 1992 to overcome the man-inthe-middle attack. This is achieved by
allowing the two parties to authenticate themselves to each other by the use of digital signatures
and public-key certificates. The DiffieHellman protocol is an example of a much more general cryptographic technique, the common
element being the derivation of a shared secret
value (that is, key) from one party’s public key and another party’s private key. The parties’ key pairs
may be generated anew at each run of
the protocol as in the original Diffie-Hellman protocol. The public keys may be certified so that the
parties can be authenticated and there may
be a combination of these attributes.
Answer option C is incorrect. The RSA algorithm is an example of the public key algorithm in which
the public key is generated from the private
key. In the RSA algorithm, public and private keys are generated as follows:
1.Choose two large prime numbers p and q of equal lengths, and compute n=p*q.
2.Choose a random public key e such that e and (p-1)*(q-1) are relatively prime.
3.Calculate e*d=1*mod[(p-1)*(q-1)]. Here, d is a private key.
4.Calculate d=e^(-1)*mod[(p-1)*(q-1)].
5.Now (e,n) and (d,n) are the public and private keys respectively.
Answer option A is incorrect. Blowfish is a symmetric 64-bit block cipher that can support key
lengths up to 448 bits. It is included in a large
number of cipher suites and encryption products. It was designed in 1993 by Bruce Schneier and is
freely available for anyone to use. This has
contributed to its popularity in cryptographic software.