SNS Assignment - 4

International Institute of Information Technology

Hyderabad
System and Network Security (CS5470)
Assignment 4: Improving PGP Protocol for E-mail Security Purpose

Harish Kumar Datla

RollNo : 2018202026

1. Explain in detail with proper logic, why PGP is vulnerable to the middle attack as explained by
the author, Kuobin

Sol :
For the man in the middle attack that we are gonna carry , we need the following.

A - private key S​A ,​ public key P​A

B - private key S​B​, public key P​B​ Random number generator
C - private key S​C​, public key P​C

1) A sends a message to inform B that he is A

2) The middle man(intruder) interrupts the message and sends as it is to B
3) Upon receiving the message, B sends a random number RN​b​ to A.
4) Middle man interrupts the message, keeps a copy of the random number RNb and
sends the same number RN​b​ to A.
5) A receives the random message from the middle man, A encrypts the message with his
secret key S​A​ and sends it to B.
6) Middle man interrupts the message from A and sends RN​b​ to B as he already has it
saved with him and send RN​b​ by encrypting his own secret key S​C​.
7) Now B request A to send his public key
8) Middle man sends the message as it is to A, requesting for his public key
9) A receives the request and send his public key P​A​ to B
10) Middle man intercepts the message and sends his own public key P​A​ to B.
11) B decrypts the message sent by C which RN​b​ encrypted with S​C​, with public key P​C​ and
gets back RNb. Hence this is a man in the middle attack.
The attack process is illustrated in the figure below. As you can see in this process the
middleman can take advantage of the Public key sharing by B. This shows that the PGP
protocol can be broken by a man in the middle attack.
Q2) Provide a more secure and efficient solution on the scheme provided by Kuobin. Discuss
how your scheme can withstand the middle attack strongly
As we can see one of the vulnerable part in the above mechanism is where the public key of A
is interrupted by the middle man C, so if we somehow can get a secret key that only A and B
know, then it solves the problem, we already have popular key sharing algorithms like
Diffie-Hellman,RSA, etc, etc key exchange algorithms so we can employ that.
But since even the secret key can be compromised, we need to ensure that
the key cannot be compromised.

If we have a trusted authority who can certify the public key, then we don't even need to have a
common security key.public key can be digitally signed by the users at a central certified
authority. The central certified authority then associates that public key with the user in its
registry.So when A and B would like to check the authenticity of the public key that they have
received from each other, they check the validity of the public key they received with the central
certified authority, thus ensuring the keys they received were from the users that they intended.

Defence to Man in the middle attack.

So if we see the diagram in the 1st question when the middle man sends his own key while
assuming the identity of A, then the central certified authority will notify that the user is not what
he claims to be, then the attack is stopped.

alternatively we can use Public key infrastructure,

in Public key infrastructure, the certificate is issued by a certificate authority, which binds both
the public key and identity of the user.

The man in the middle attack can be stopped by checking the identity with the CA.