Preventing man-in-the-middle attack in Diffie-Hellman key exchange protocol


Khader, Aqeel Sahi and Lai, David. 2015. "Preventing man-in-the-middle attack in Diffie-Hellman key exchange protocol." 22nd International Conference on Telecommunications (ICT2015). Sydney, Australia 27 - 29 Apr 2015 United States.
Paper/Presentation Title: Preventing man-in-the-middle attack in Diffie-Hellman key exchange protocol
Presentation Type: Paper
Authors: Khader, Aqeel Sahi (Author) and Lai, David (Author)
Journal or Proceedings Title: Proceedings of the 22nd International Conference on Telecommunications (ICT2015)
Number of Pages: 5
Place of Publication: United States
Conference/Event: 22nd International Conference on Telecommunications (ICT2015)
Event Details: 22nd International Conference on Telecommunications (ICT2015); IEEE International Conference on Telecommunications
Event Date: 27 to end of 29 Apr 2015
Event Location: Sydney, Australia

The acceleration in developments in communication technology has led to a consequent increase in the vulnerability of data due to penetration attacks. These attacks often came from outside where non-qualified companies develop IT projects. Cryptography can offer high levels of security but has recently shown vulnerabilities such as the man-in-the-middle (MITM) attack in areas of key exchange protocols, especially in the Diffie-Hellman (DH) protocol. Firstly, this paper presents an overview of MITM attacks targeted at the DH protocol, then discusses some of the shortcomings of current defenses. A proposed method to secure DH, which helps secure systems against MITM attacks, is then presented. This method involves the use of Geffe generation of binary sequences. The use of a Geffe generator offers high levels of randomness. Data hashed and encrypted using this proposed method will be very difficult to intercept and decrypt without the appropriate keys. This offers high levels of security and helps prevent MITM attacks.

Keywords: public key; random number generation; data security; cryptography; message authentication; digital signatures
ANZSRC Field of Research 2020: 460499. Cybersecurity and privacy not elsewhere classified
Public Notes

© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Byline Affiliations: School of Agricultural, Computational and Environmental Sciences
Institution of Origin: University of Southern Queensland