Evaluation of Authentication Algorithms for Small Devices
2.2 SSH authentication using Diffie-Hellman Key Exchange
Here we take a closer look at the SSH protocol, and especially the Diffie-Hellman key exchange [5]. The SSH protocol is a typical example of a challenge-response protocol, where the claimant is challenged by the verifier to respond with username and password. In a first phase the protocol uses the Diffie-Hellman key exchange to establish a session key, which is used to encrypt further traffic. We assume this protocol to be secure, under the assumption that no efficient algorithm exists to calculate a discrete logarithm and that there is no man-in-the-middle attack, only passive listening.
The algorithm works as follows:
• Alice (A) selects a big value $p$, a generator value $g$ and a secret $x$ with $1 \le x \le p - 1$
• A calculates $u = g^x \bmod p$
• A sends $g$, $p$, $u$ to Bob (B)
• B selects a secret $y$
• B calculates $k = u^y$ and $v = g^y \bmod p$
• B sends $v$ to A
• A calculates $k = v^x$
In the end both have the same secret, which they can use as a key $k$:
$$k = g^{xy} \bmod p = (g^x \bmod p)^y = (g^y \bmod p)^x$$
The secret can be used for further secure communication, e.g. to authentically exchange certificates or cryptographic keys.
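Part I

| Multiplications | A | | B | Multiplications |
|---|---|---|---|---|
| 1 | $p \in$ prime | $\longrightarrow$ 2 | $p \in$ prime | 1 |
| 1 | $g \in_R \{2 \ldots p-2\}$ | $\longrightarrow$ | $g \in_R \{2 \ldots p-2\}$ | 1 |
| 1 | $x \in_R \{2 \ldots p-2\}$ | | $y \in_R \{2 \ldots p-2\}$ | 1 |
| $(t + h - 2)$ | $u = g^x \bmod p$ | $\longrightarrow$ | | |
| | | $\longleftarrow$ | $v = g^y \bmod p$ | $(t + h - 2)$ |
| | | $+(2n - n)(n + 3)$ | | |
| $t + h - 2$ | $k = (g^y)^x \bmod n$ | | $k = (g^x)^y \bmod n$ | $t + h - 2$ |
| $n^2 + 7n + 7$ | | total multiplications | | $n^2 + 7n + 7$ |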
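
Added example (not part of the original paper): the exchange above in Python, using a square-and-multiply exponentiation that counts modular multiplications so the cost of each exponentiation can be compared with the t + h − 2 entries in the table. It assumes t is the exponent's bit length and h its Hamming weight, which the page does not define; the prime, the generator and all function names are constructed for illustration, and the range check on received values mirrors the {2 … p − 2} range in the table.

```python
import secrets

# Toy parameters constructed for this example: 2**127 - 1 is a Mersenne prime.
# It is far too small for real use; deployments use standardized large groups.
P = 2**127 - 1
G = 3


def modexp_counted(base, exp, mod):
    """Left-to-right square-and-multiply. Returns (base**exp % mod, multiplications)."""
    if exp < 1:
        raise ValueError("exponent must be >= 1")
    result, mults = base % mod, 0       # the leading 1 bit costs nothing
    for bit in bin(exp)[3:]:            # the remaining t - 1 bits
        result = result * result % mod  # one squaring per bit
        mults += 1
        if bit == "1":                  # one extra multiplication per set bit
            result = result * base % mod
            mults += 1
    return result, mults


def expected_cost(exp):
    """t + h - 2, assuming t = bit length and h = Hamming weight of exp."""
    return exp.bit_length() + bin(exp).count("1") - 2


def check_public(value, p):
    """Accept only 2..p-2: the values 0, 1 and p-1 would force a predictable key."""
    if not 2 <= value <= p - 2:
        raise ValueError("peer public value out of range")
    return value


def exchange(x=None, y=None, p=P, g=G):
    """Both sides of the exchange. Returns (k_A, k_B, mults_A, mults_B)."""
    x = 2 + secrets.randbelow(p - 3) if x is None else x   # secret in 2..p-2
    y = 2 + secrets.randbelow(p - 3) if y is None else y
    u, cost_u = modexp_counted(g, x, p)                    # A -> B: g, p, u
    v, cost_v = modexp_counted(g, y, p)                    # B -> A: v
    k_b, cost_kb = modexp_counted(check_public(u, p), y, p)
    k_a, cost_ka = modexp_counted(check_public(v, p), x, p)
    return k_a, k_b, cost_u + cost_ka, cost_v + cost_kb


if __name__ == "__main__":
    k_a, k_b, mults_a, mults_b = exchange()
    print("keys match:", k_a == k_b, "| multiplications A/B:", mults_a, mults_b)
```

The count covers only the two exponentiations each side performs; the range check does nothing against an active man in the middle, which the section explicitly excludes from its threat model.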