Question

During TLS handshake, the client hello and the server hello messages are not encrypted or authenticated. Explain why a man-in-the-middle cannot exploit these messages. Answer for both Diffie-Hellman and RSA case.?

Answer 1

A MITM (Man-In-The-Middle ) attack happens when a communication between two systems is intercepted by an outside entity. This can happen in any form of online communication, such as email, social media, web surfing, etc. Not only are they trying to eavesdrop on your private conversations, they can also target all the information inside your devices.

Taking away all the technicalities, the concept of an MITM attack can be described in a simple scenario. Imagine being brought back to the days of old when snail mail was rife. Jerry writes a letter to Jackie expressing his love for her after years of hiding his feelings. He sends the letter to the post office and it’s picked up by a nosy mailman. He opened it and, just for the hell of it, he decided to rewrite the letter before delivering the mail to Jackie. This results in Jackie hating Jerry for the rest of her life after “Jerry” called her a fat cow. The moral of the story is the mailman is a jerk, and so are hackers.

Over the years, hackers found various ways to execute MITM attacks and believe it or not, it has become relatively cheap to buy a hacking tool online, just proving how easy hacking someone can be if you have enough money. Here are some common types of MITM attacks your business will most likely encounter:

Email Hijacking
Similar from the case above, hackers who use this tactic target email accounts of large organizations, especially financial institutions and banks. Once they gain access to important email accounts, they will monitor the transactions to make their eventual attack a lot more convincing. For example, they can wait for a scenario where the customer will be sending money and respond, spoofing the company’s email address, with their own bank details instead of the company’s. This way, the customer thinks they’re sending their payment to the company, but they’re really sending it right to the hacker.

Wi-Fi Eavesdropping
Most MITM attacks thrive on Wi-Fi connections. In one approach, hackers will set up a Wi-Fi connection with a legitimate-sounding name. All the hacker has to do is wait for you to connect and he’ll instantly have access to your device. Alternatively, the hacker can create a fake Wi-Fi node disguised as a legitimate Wi-Fi access point to steal the personal information of everyone who connects.

Session Hijacking
Once you log into a website, a connection between your computer and the website is established. Hackers can hijack your session with the website through numerous means. One popular option they use is stealing your browser cookies. In case you don’t know, cookies store small pieces of information that makes web browsing convenient for you. It can be your online activity, login credentials, pre-fill forms, and in some cases, your location. If they got hold of your login cookies, they can easily log into your accounts and assume your identity.

Diffie-Hellman allows for forward secrecy. In the protocol you describe, if the private key is ever leaked all previously exchanged keys are leaked. If we only use RSA to authenticate keys created with Diffie-Hellman, past keys are safe even if you lose control over your private key in the future.

Diffie-Hellman is not a public-key encryption scheme. It is a key agreement scheme. The difference being that with key agreement, neither Alice nor Bob has any say in what the resultant shared secret ends up being. They both arrive at a mutually shared secret, but it is not selected explicitly by either of them.

With public-key encryption being used for key exchange, then yes, one of them could pick a random k, encrypt the result, then send it to the other party.

Benefits include:

• Smaller parameters, which implies faster processing. Especially so for Elliptic Curve Diffie-Hellman.
• If the public keys are both known already, then computing the shared secret requires no network traffic
• No/less concern about the shared secret being of low quality

Suppose If A sends k to B, and Al machine has insufficient entropy and/or a poor quality random number generator, then k can be guessed by an adversary
If both DH private keys are sufficiently strong, then the shared secret should be so as well.

The Diffie-Hellman Key Exchange

Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses numbers raised to specific powers to produce decryption keys on the basis of components that are never directly transmitted, making the task of an intended code breaker mathematically overwhelming. Diffie–Hellman key exchange establishes a shared secret between two parties that can be used for secret communication for exchanging data over a public network and actually uses public key techniques to allow the exchange of a private encryption key.

RSA
RSA is a cryptosystem for public-key encryption and is widely used for securing sensitive data, particularly when being sent over an insecure network such as the Internet. RSA was first described in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman of the Massachusetts Institute of Technology. Public-key cryptography, also known as asymmetric cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity, and non-reputability of electronic communications and data storage.

RSA derives its security from the difficulty of factoring large integers that are the product of two large prime numbers. Multiplying these two numbers is easy, but determining the original prime numbers from the total, that’s factoring, is considered infeasible due to the time it would take even using today’s super computers. The RSA algorithm involves four steps: key generation, key distribution, encryption, and decryption. The public and the private key-generation algorithm is the most complex part of RSA cryptography and falls beyond the scope of this post. You may find an example on Tech Target.

Both RSA and Diffie-Hellman are public key encryption algorithms strong enough for commercial purposes because they are both based on supposedly intractable problems, the difficulty of factoring large numbers and exponentiation and modular arithmetic respectively. The minimum recommended key length for encryption systems is 128 bits, and both exceed that with their 1,024-bit keys. Both have been subjected to scrutiny by mathematicians and cryptographers, but given correct implementation, neither is significantly less secure than the other.

The nature of the Diffie-Hellman key exchange, however, makes it susceptible to man-in-the-middle (MITM) attacks, since it doesn't authenticate either party involved in the exchange. The MITM maneuver can also create a key pair and spoof messages between the two parties, who think they're both communicating with each other. This is why Diffie-Hellman is used in combination with an additional authentication method, generally digital signatures.