By default, the Internet is unsecured. Data transferred between two hosts is not encrypted by default. As a result, attackers can intercept the connection easily and listen to the conversation. To address the problem, we use protocols like SSH, SSL, and TLS. These protocols establish a secure connection between two hosts and encrypt the data before transferring it. Email communications, bank transactions, or VPN connections rely on these security protocols.
To establish a secure connection over an unsecured network, two hosts need to agree on a few parameters like the secret keys using which the data is encrypted. Then, the data is encrypted and transferred. The Diffie-Hellman Key Exchange Protocol is used for that purpose.
To transfer data in an encrypted format, the two hosts that are communicating over the unsecured network need to agree on some secret parameters. These parameters need to be exchanged even before a properly secure connection is established. So, before the connection is encrypted, communication can be intercepted by an attacker. So, the secret parameters cannot be exchanged as it is. The Diffie-Hellman Key Exchange Protocol enables two hosts to agree on secret parameters for secure communication without transferring the secret parameters themselves. In the Logjam attack, attackers make a client and a server select weaker parameters for Diffie-Hellman Key Exchange and exploit that to steal sensitive data.
0 Comments