1 comment

[ 0.20 ms ] story [ 8.8 ms ] thread
Exploiting the computationally expensive nature of the Diffie-Hellman key exchange protocol an attacker can perform a denial-of-service (DoS) attack by sending arbitrary numbers as public keys to a target server forcing it to generate its public key, validate the peer's one, and compute the shared secret. All three operations require the computationally complex modular exponentiation which creates an asymmetric resource usage situation, which is the basis for overloading the server's CPU and rendering it unavailable. The attack is carried out with such a methodology called D(HE)at attack (CVE-2002-20001).