0

For a crypto course I need to realize a small software project where a client and a server want to communicate over a unsecured network. They both have the same secret. So I bascially have to secure Diffie Hellman against MIM attacks.

Now I must admit that I don't really understand the mathematics behind DH, but I grasp the concept with easy words: Both generate a random private key, share their random generated public key. Then both parties can calculate the symmetrical key from that.

Is there an easy way to secure DH against MIM? My workaround would be to just use the DH sym key, add the shared secret (as "salt") and generate a new sym key from it by using PDKF2. But I'm sure there is smarter way to do this?

Standard
  • 101
  • 1
  • @kelalaka we can't use CAs in this task. Is just have to make DH secure with the pre shared key. – Standard Apr 30 '20 at 13:58
  • A Pre Shared Key (PSK) is mitigation, using a Certificate Authority (CA) is the robust solution and Short Authentication String (SAS). One can also use the Intelock Protocol – kelalaka Apr 30 '20 at 15:05
  • If the client and the server already have a pre-shared key, then it's not clear what the need is for DH key exchange. Is it because you want the client and the server to share an ephemeral key? If so, then the client and the server can commence with ECDHE, and use the pre-shared key to mutually authenticate - e.g. by using the pre-shared key as the key to an HMAC function. – mti2935 Apr 30 '20 at 17:04
  • @mti2935 as the preshared key is always the same, I want to have a "random" key each time a connection is made, but without letting a MIM in. I will take a look at ECDHE but I think my prof wants me to implement my own DH, where I use my preshared key to secure the connection against a MIM. – Standard Apr 30 '20 at 17:18

0 Answers0