tags:

views:

310

answers:

4
+1  Q: 

How does two-way asymmetric encryption work?

Say we have Alice and Bob.

Alice sends Bob a message she encrypted with Bob's public key. Bob is the only person who can decrypt it, using his private key. But how can he be certain the message came from Alice?

Suppose he replies, encrypting his message using Alice's public key. Only Alice can decrypt the message. But how can she be certain it was sent by Bob?

Would Alice have to add some kind of public hash to her message so bob can say "This definitely came from Alice?"

+3  A: 

Bob has Alice's public key also, and Alice signed the message with her private key. Bob uses Alice's public key to verify the signature.

Go in reverse for Alice to ensure the message was from Bob.

All you have to do now is make sure that Bob has Alice's real public key and not one injected by a man in the middle.

Nathan  2010-03-02 16:11:23
A: 

Because you make the assumption that a private key is really "private" --i.e., alice and bob don't leave their usb keys plugged into their machine when they leave work.

Hassan Syed  2010-03-02 16:14:09
Where did I make that assumption?
yodaj007  2010-03-02 17:11:12
"You" didn't, I meant the proverbial "you"; and yes you don't use this sort of encryption unless there is a trust channel between Alice and Bob which a certification authority is an indirect instance of. Peh, I can't remove my upvote to your question.
Hassan Syed  2010-03-02 17:20:14
I have no idea what you're getting at. The question was about verifying the source of the message. Reread the last sentence in the question and notice that your answer didn't address it. This had nothing to do with keeping the keys secure. Your reply to my comment didn't address the question either. Why did you answer?
yodaj007  2010-03-02 22:44:53
To verify the source of the message from a sink you need a third party. You only get to a "omg this won't really work" stage if you make an assumption that the key is sent in plaintext. It obviously wont work if it sent in plaintext, A third-party secured mechanism takes care of this aspect -- the most well known mechanism is a certificate authority; however, it is not the only way to do it. The part where you talk about "public hashes" is a certificate authority -- however you don't need a certificate authority. Bob and alice can meet in person and exchange keys.
Hassan Syed  2010-03-02 23:07:05
If you don't understand the gist of a reply you don't need to attack the person trying to answer your question. You could simply ask the person what,specifically, you don't understand.
Hassan Syed  2010-03-02 23:13:26
+3  A: 

The scenario you describe does indeed not provide authenticity. So both Alice and Bob cannot be certain that they are talking to each other. The scenario does only provide confidentiality and as such also not secrecy.

Bob would have to manually confirm with Alice that the public key he thinks is Alice's public key is indeed hers (by calling her and reading it out load and confirming by her voice that it is Alice).

This problem is normally solved with a trusted third party (a Certificate Authority for example, like VeriSign) that issues certificates stating the e.g. Alice is indeed the owner of this particular public key. This is the way it is solved in modern browsers and this is the way all SSL sessions (with your bank of choice) work. A certificate authority signs the certificate from your bank (stating that your bank is indeed the owner of the public key the certificate contains) and your browser has an already built-in certificate from the certificate authority (building a chain of certificates that can be verified).

The scenario you describe is vulnerable to a so called MITM (Man-in-the-middle) attack and not solvable purely with public-key-encryption.

David Sauter  2010-03-02 16:19:53
A: 
IbrarMumtaz  2010-04-20 01:13:04
I hope this makes sense as it coming from a student who is trying to pass the 70-536 exam. As the above is the second of two answers I have posted here on stack overflow relating to Cryptography.
IbrarMumtaz  2010-04-20 01:16:46

related questions

iphone OS! RSA Encryption with public key generated by Bouncy Castle (Java)
How to export a public key in OpenSSL/libcrypto?
How do I import a public key for encryption in C on Windows
Public & Private Keys in .NET besides RSA
How to generate ssh compatible id_rsa(.pub) from Java
Authenticating a user over HTTP (instead of HTTPS)
Encryption across the popular programming languages.
Rainbow tables as a solution to large prime factoring
How to send and receive encrypted email using PHP.
Getting IllegalBlockSize when trying to encrypt too much data
Encryption Product Keys : Public and Private key encryption
Confused about encryption with public and private keys (which to use for encryption)
Using Public/Private keys in reverse
how to produce a key pair for 64 bit public key encryption
pgp key information
BAD_UID error while exporting key in CryptoAPI
Is there a 8 bit block sized Public-Private key encryption algorithm?
DSA public key system verification with Silverlight
.NET implementation (libraries) of elliptic curve cryptography