Lecture 10: Key Exchange (Feb 24th)

On Wednesday the 24th, CS 450 consisted of a presentation from Chris and lecture for Dr. Gunes. First, Chris presented on Man in the Middle (MITM) attacks. Basically, the theory behind it is that an attacker could get between two entities in which are communicating and be able to read/modify the messages between them. Chris mainly went over how they worked, are prevented, and presented some of the tools one could use to help execute an attack (Cain and Able, Ettercap, Dsniff, etc). For the lecture, Dr. Gunes talked about ways to exchange Public/Private encryption keys. Some ways to exchange Public keys are by: publically announcing them to everyone, publically announcing them to users of a directory service, using a public key authority, or by using public key certs. You can also exchange private keys, and the two ways to do it (well, in which we talked about in class) where by using Merkle’s simple way or Diffie-Hellman’s more complex way. The major vulnerabilities in key exchanges are key forgery and man in the middle attacks.