KINDLY JUST INTERACT AND JUST NEEDED TO ANSWER THE NUMBER 1
AND 2 FOR 125 WORDS EACH FROM THE TUTORS
VIEW POINT THANKS A LOT.
1)
Based on your understanding of how AES was chosen, what is
your opinion of the criteria used?
AES from my understanding has very few cons. The government
uses AESto replace DES because the attacks are less likelybecause
of the larger key size.The 128-bit and 256-bit are both strong
andless likely to have an attack because of the strong keyschedule.
I’m sure that all mathematical operations have been attempted to engagea
number ofrounds, but the AES algorithm is fartoocomplex to
crack.
Why do you think these criteria were important?
The criteria are important because of the security involved.
For example, if government agencies were compromised by exposing sensitive
information, this could impact security, DOD, Homeland Security, etc. AES has
very few cons and implementing this feature in all databases is a no brainer.
According to IBM.com, “A data breach in the US costs over twice the global
average”. Proof is in numbers, and the numbers suggest that AES seems to be the
best when it comes to security.
2)
The Diffie-Hellman key exchange was one of the most
important developments in public-key cryptography and it is still frequently
implemented in a range of today’s different security protocols(Lake,
2021).
- Define
theDiffie-Hellman key exchange. How is this information
relevant to you?
The Diffie -Hellman is one of the first public-key
procedures and is a certain way of
exchanging the cryptographic keys securely(Aryan,
2017). The Diffie-Hellman key exchange is also called the Exponential Key
Exchange. It is digital encryption. It was introduced by Ralph Markel and named
after Whitfield Diffie and Martin Hellman. The sender and receiver make a
common secret key. In the Diffie-Hellman algorithm sender and receiver communicate
with each other over the public channel. Uses modular arithmetic and discreet
logarithm for making a common key for both sender and receiver. Uses
communication channels. Both sender and receiver choose a common prime number.
Ma-in-the-middle attacks, Insider attacks, outsider attacks, and
known-plaintext attacks are a few known attacks that can penetrate the
Diffie-Hellman algorithms.
- What
is the purpose of the algorithm? Be specific.
The purpose of the algorithm is to make it possible to
communicate over the public channel with a discreet logarithm. The algorithm
allows those who have never met before to safely create a shared key, even over
an insecure channel that adversaries may be monitoring(Lake, 2021). The
main purpose of the Diffie-Hellman key exchange is to securely develop shared
secrets that can be used to derive keys. These keys can then be used with
symmetric-key algorithms to transmit information in a protected manner.
Symmetric algorithms tend to be used to encrypt the bulk of the data because
they are more efficient than public key algorithms(Lake, 2021).
- How
does it work? Give an example from personal experience or one that you
have read about.
If two people want to send a private message on an unsecured
channel they both must pick a random number. They both pick their number. The
first part of the exchange begins with an agreed-upon function of the form G^a
mod P. This formula is known to all parties. The communicators will agree on
the same number to fulfill G and P. P must be a prime number. In real use,
these numbers are huge (at least 2048 bits, or 617 digits). The bigger the
number, the more difficult it is to crack the exchange using a brute-force
attack. In practice, these numbers are picked with a pseudo-random
generator(Tyson, 2022). I have been reading and watching videos about the
Diffie-Hellman key exchange and the process to get a secure secret on an
insecure channel is very confusing. For example, if you have Alice and Bob that
wants to send a message to each other, but they want it secret in a public
channel. They use modular arithmetic and discreet logarithm for making a common
key. Alice and Bob both decide to use P and g. The p is a prime number, and the
g is a number that is smaller. They both agree that the P is twenty-nine and
the g is three. Alice and Bob pick a private key that they do not give each
other. Alice is a and the number is five and bob is b, and his number is four.
Alice
A = g^a mod p
A = 3^5 mod 29
A = 243 mod 29
A = 11 is then sent to bob
Bob
B= g^b mod p
B = 3^4 mod 29
B = 81 mod 29
B = 23 is then sent to Alice
Then Alice takes is number
S = B^a mod p
S = 23^5 mod 29
S = 6,436,343 mod 29
S = 25
Bob
S = A^b mod p
S = 11^4 mod 29
S = 14,641 mod 29
S = 25
A and B are the only numbers seen on the public channel and
have the same secret integer. I am confused about the point where the
calculation is 243 mod 29! It states that it equals eleven. I do not understand
the math from this point. Diffie-Hellman is a way to send secret information
over a public channel. These numbers I got from YouTube Diffie-Hellman Key
Exchange Explained | A deep dive. I used their numbers because I did not
understand how to calculate 243 mod 29.
- What
would be an appropriate implementation in an organization for the
algorithm?
The Diffie-Hellman algorithm is being used to establish a
shared secret that can be used for secret communications while exchanging data
over a public network using the elliptic curve to generate points and get the
secret key using the parameters.
For the sake of simplicity and practical implementation of
the algorithm, we will consider only four variables, one prime P and G (a
primitive root of P) and two private values a and b.
P and G are both publicly available numbers. Users (say
Alice and Bob) pick private values a and b and they generate a key and exchange
it publicly. The opposite person receives the key and that generates a secret
key, after which they have the same secret key to encrypt(Algorithm, 2022).
- In
what types would this be appropriate?
Diffie-Hellman key exchange is often used to help secure
your connection to a website, remotely access another computer, and for sending
encrypted emails(Lake, 2021). Business or a company wanting a secure connection
to a website.
References
Algorithm, I. o.-H. (2022, June 9).Implementation
of Diffie-Hellman Algorithm. Retrieved from Geeks for Geeks:
www.geeksforgeeks.org
Aryan, C. K. (2017, November). Enhanced diffie-hellman
algorithm for reliable key exchange.IOP Conference Series. Materials
Science and Engineering; Bristol Vol. 263, Iss. 4,, 9. Retrieved from
IOP Conference Series.Materials Science and Engineering, 263(4)https://doi.org/10.1088/1757-899X/263/4/042015.
Lake, J. (2021, March 23).What is the
Diffie–Hellman key exchange and how does it work?Retrieved from
CompariTech: www.comparitech.com
Tyson, M. (2022, January 20).Understand
Diffie-Hellman key exchange. Retrieved from Info World: www.infoworld.com