|
Alice checks the signature (with :math:`Bob_{pub}`) and the certificate and computes :math:`S_{A}=B^{a} \mod p`
|
|
|
Bob computes :math:`S_{B}=A^{b} \mod p`
|
|
|
This prevents the attack mentioned above since Mallory cannot create a fake certificate and cannot sign a value by using Bob's private key. Given the risk of man-in-the-middle attacks, the Diffie-Hellman key exchange mechanism should never be used without authentication.
|
|
|
Footnotes
|
Notes de pied de page
|
|
The wikipedia page on passwords provides many of these references : https://en.wikipedia.org/wiki/Password_strength
|
|
|
A detailed explanation of the operation of the RSA algorithm is outside the scope of this e-book. Various tutorials such as the `RSA page <https://en.wikipedia.org/wiki/RSA_(cryptosystem)>`_ on wikipedia provide examples and tutorial information.
|
|
|
A detailed explanation of the ECC cryptosystems is outside the scope of this e-book. A simple introduction may be found on `Andrea Corbellini's blog <http://andrea.corbellini.name/2015/05/17/elliptic-curve-cryptography-a-gentle-introduction/>`_. There have been deployments of ECC recently because ECC schemes usually require shorter keys than RSA and consume less CPU.
|
|