diff -r c4fa7e8a2ffa -r 8f2749152f1e handouts/ho05.tex --- a/handouts/ho05.tex Wed Oct 29 18:02:32 2014 +0000 +++ b/handouts/ho05.tex Wed Oct 29 19:36:15 2014 +0000 
@@ -511,22 +511,47 @@ \subsubsection*{Averting Person-in-the-Middle Attacks} -The idea of public-private key encryption is that one can -make public the key $P^{pub}$ which people can use to -encrypt messages for me. and I can use my key $P^{priv}$ -to be the only one that can decrypt them. While this sounds -all good, it relies that people can associate me, for example, -with my public key. That i snot so trivial as it sounds. -For example, if I would be the government, Obama for example, -and find out who are the trouble makers, I would publish an -innocent looking webpage and say I am the New York Times, for -example, publish a public key, and then just wait for incoming -messages. +The idea of public-private key encryption is that one can make +public the key $K^{pub}$ which people can use to encrypt +messages for me. and I can use my key $K^{priv}$ to be the +only one that can decrypt them. While this sounds all good, it +relies that people can associate me, for example, with my +public key. That i snot so trivial as it sounds. For example, +if I would be the government, say Cameron, and try to find out +who are the trouble makers in the country, I would publish an +innocent looking webpage and say I am The Guardian newspaper +(or alternatively The Sun for all the juicy stories), publish +a public key on it, and then just wait for incoming messages. - +This problem is supposed to be solved by using certificates. +The purpose of certification organisations is that they verify +that a public key, say $K^{pub}_{Bob}$, really belongs to Bob. +This is also the mechanism underlying the HTTPS protocol. The +problem is that this system is essentially completely +broken\ldots{}but this is a story for another time. Suffice +to say for now that one of the main certification +organisations, VeriSign, has limited its liability to \$100 in +case it issues a false certificate. 
This is really a joke and +really the wrong incentive for the certification organisations +to clean up their mess. -\bigskip\bigskip -Keyfobs - protocol +The problem we want to study closer here is that +public-private key encryption is susceptible to +person-in-the-middle attack. Consider the following protocol +where $A$ and $B$ attempt to exchange secret messages using +public-private keys. + +\begin{itemize} +\item $A$ sends public key to $B$ +\item $B$ sends public key to $A$ +\item $A$ sends message encrypted with $B$'s public +key,\\ $B$ decrypts it with its private key +\item $B$ sends message encrypted with $A$'s public +key,\\ $A$ decrypts it with its private key +\end{itemize} + + +\bigskip\bigskip Keyfobs - protocol \subsubsection*{Further Reading}
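Review bot: the rewritten opening paragraph carries two typos over from the removed text, "for me. and I can use" and "That i snot so trivial"; fix them while the paragraph is being reflowed ("for me, and I can use", "That is not so trivial"), and reword "it relies that people can associate me" to "it relies on people being able to associate me". In the new itemize, the first two steps ("$A$ sends public key to $B$", "$B$ sends public key to $A$") do not say that the keys travel over an unauthenticated channel, which is the property the person-in-the-middle attack depends on; state it there, since the text announces the attack but the hunk ends at the "Keyfobs - protocol" placeholder without showing where the attacker substitutes a key. "susceptible to person-in-the-middle attack" needs an article or a plural. The VeriSign \$100 liability figure is given without a source; add a citation or footnote. The notation change from $P^{pub}$/$P^{priv}$ to $K^{pub}$/$K^{priv}$ should be checked against the parts of ho05.tex outside this hunk so the two spellings do not coexist.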