📝Key Compromise Impersonation attack
- tags
Diffie-Hellman / ECDH are vulnerable to Key Compromise Impersonation (KCI) attack: if a party’s private key was compromised, the attacker can impersonate any other party to them. This is because knowing private key of the victim allows the attacker to perform key exchange with any other public key and compute the shared secret.
If protocol does not use any other authentication mechanism, this allows the attacker to trick the victim into accepting message as if they were coming from a trusted sender.