
Without using Private and Public keypairs, I do not understand how Diffie-Hellman


Question

Without using Private and Public keypairs, I do not understand how Diffie-Hellman is able to generate a secret key between two parties on the internet without passing something between that could be sniffed. There is a term for this that comes from Generals sending messages through hostile territory. I do not understand the math or logic behind DH and just cannot see how it is possible. Someday I will spend another week or two going over the math, but until I can verify, I cannot trust. Further, why use it when public/private key pairs can be used to establish a shared session key with much less risk?

On the other hand, the uneducated masses historically sling pitchforks into progress. Explain it to me like I am 5: how can DH provide a known secret to two parties over an unencrypted connection without it being intercepted via MITM?

Changed title from: "When a public-private keypair is already in place, why is Diffie-Hellman used at all?"

Explanation / Answer

Diffie-Hellman is a key exchange algorithm. The good question to ask is: exchanging a key, yes, but with whom?

From a network point of view, you "see" other people only through the packets they send to you; and since everybody can buy the same kind of PC, everybody can send the same packets -- except that some people/systems may know some values that others do not. In cryptography, knowledge is power, meaning that you are what you know. If you begin to exchange data with Alice, you know you are talking to Alice and not to Bob because Alice can send some message to you which could have been computed only by someone knowing some given value, and you somehow know that there is someone called "Alice" who knows that value, and someone else called "Bob" who does not.

If, in your model, you don't at least define that there are several possible interlocutors with distinct knowledge, then the notion of "man-in-the-middle" does not even make sense, because all other people, in that model, are identical. If you want to talk about man-in-the-middle attacks and how to avoid them, then you must first define who you want to be talking to, and that entails specifying what that system/person knows that the attacker does not.

In short words: MitM is a special case of impersonation (a double-impersonation, even), where an attacker assumes the identity of somebody else. So you need a notion of "identity" before beginning to discuss MitM attacks.
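The point made above, as an added example (not part of the original answer): a toy Diffie-Hellman run with constructed, deliberately tiny parameters (p = 23, g = 5) showing what a passive sniffer sees, why group size matters, and why bare public values carry no identity, so an active interceptor simply completes a valid exchange with each side.

```python
import secrets

# Constructed toy parameters (textbook p = 23, g = 5). Real deployments use
# 2048-bit or larger groups; with p this small a sniffer can simply try
# every exponent, which is exactly why the group size matters (see below).
P, G = 23, 5

def keypair():
    """Return an ephemeral secret x and the public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1      # x in [1, p-2]
    return x, pow(G, x, P)

def shared(own_secret, peer_public):
    """Shared key: (g^y)^x mod p == (g^x)^y mod p."""
    return pow(peer_public, own_secret, P)

def honest_exchange():
    """Alice and Bob each send only their public value.
    Returns both derived keys and the tuple a passive sniffer observes."""
    a, A = keypair()
    b, B = keypair()
    return shared(a, B), shared(b, A), (P, G, A, B)

def sniffer_recovers_key(p, g, A, B):
    """What a passive observer must do: solve g^a == A (discrete log).
    Trial over all exponents only works because this p is tiny."""
    for a in range(1, p - 1):
        if pow(g, a, p) == A:
            return pow(B, a, p)
    return None

def intercepted_exchange():
    """Unauthenticated DH with an active interceptor: each side completes
    a perfectly valid exchange, but with the interceptor, not each other.
    Nothing in a bare public value says who computed it."""
    a, A = keypair()
    b, B = keypair()
    m, M = keypair()                        # interceptor's own keypair
    k_alice = shared(a, M)                  # Alice thinks M came from Bob
    k_bob = shared(b, M)                    # Bob thinks M came from Alice
    k_mal_with_alice = shared(m, A)
    k_mal_with_bob = shared(m, B)
    return k_alice, k_bob, k_mal_with_alice, k_mal_with_bob

if __name__ == "__main__":
    ka, kb, seen = honest_exchange()
    print("honest: keys match:", ka == kb, "| sniffer sees:", seen)
    print("toy group, sniffer solves it:", sniffer_recovers_key(*seen) == ka)
    print("intercepted (alice, bob, mal/alice, mal/bob):", intercepted_exchange())
```

The fix in practice is to bind each public value to an identity (a signature from a known key, a certificate, or a pre-shared secret), which is what TLS and SSH add on top of the raw exchange.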
