Score:2

Small subgroup confinement attack on Diffie-Hellman: shared key is 1


I've found a post here: Small subgroup confinement attack on Diffie-Hellman, which says we can pick $k$ in this way: [image]

And, as we know, $2$ will always be a prime factor of $p-1$; therefore there will be a subgroup with two elements that don't generate anything besides themselves. Obviously the neutral element $1$ is in that subgroup; the other element is $p-1$. In this way, can we just pick $k = {(p-1) \over 2}$, as $w=2$? Then Eva can make sure that the so-called shared key must be $1$ or $p-1$?

By the way, I actually ran some tests, and I found that the resulting shared key really is $1$.

But as far as I know, DH is really a secure algorithm, so I think I must have made a mistake; can anybody tell me where I'm mistaken?

Score:1

Diffie-Hellman is vulnerable to an active man-in-the-middle (MITM) attack, and this is one version of such an attack, since Eve is modifying the transmitted values and forwarding them on.

See for example the question and answers here for MITM attacks on DH and possible countermeasures.

Shi Tang
Thanks for your answer. It really reminds me that maybe the countermeasure to this kind of attack is using a certificate. Let's say we consider Bob as the server end: it must have its domain's certificate signed by any famous CA. Then Alice will only establish the secure connection when Alice checks that the PUBLIC KEY B is the correct one described in the server's certificate, which is signed by the CA.
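
The computation discussed in this thread, together with a receiver-side range check on the peer's public value, as an added example that is not part of the original posts. The toy safe prime `P = 2039`, the generator `G = 7` and all function names are assumptions chosen for illustration.

```python
import secrets

# Constructed toy parameters (far too small for real use).
P = 2039             # safe prime: P = 2*Q + 1
Q = (P - 1) // 2     # 1019, also prime
G = 7                # generator of the full group of order P - 1

def keypair():
    """Return (private exponent, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2          # x in [2, P-2]
    return x, pow(G, x, P)

def confine(y):
    """The in-transit change from the question: y -> y^k with k = (P-1)/2."""
    return pow(y, (P - 1) // 2, P)

def validate_public(y):
    """Receiver-side check: accept only 2 <= y <= P-2.

    This excludes 1 and P-1, the two elements of the order-2 subgroup.
    (For a generator of a prime-order-q subgroup, implementations
    additionally check pow(y, q, P) == 1.)
    """
    return 2 <= y <= P - 2

def shared_key(priv, peer_pub, check=True):
    if check and not validate_public(peer_pub):
        raise ValueError("peer public value is in a trivial subgroup")
    return pow(peer_pub, priv, P)

def run_exchange(check):
    """One exchange in which both public values are modified in transit."""
    a, A = keypair()
    b, B = keypair()
    return (shared_key(a, confine(B), check),
            shared_key(b, confine(A), check))

if __name__ == "__main__":
    print("without validation:", run_exchange(check=False))  # always 1 or P-1
    try:
        run_exchange(check=True)
    except ValueError as err:
        print("with validation:", err)
```

The range check only stops confinement into the order-2 subgroup; an active attacker who substitutes a public value of their own is stopped by authenticating the public values, which is what the certificate in the comment above provides.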