Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

Is public key cryptography really safe?

  1. Aug 2, 2006 #1
    Contradict me if I'm wrong...

    If Black Hat blocks and controls Alice’s internet activities (a man in the middle attack) than these 2 situations can arise:

    1. ALICE DOES NOT HAVE BOB'S PUBLIC KEY
    Alice sends Bob her public key but it is blocked by Black Hat and instead he sends his public key ‘A’ to Bob. When Bob sends Alice his public key Black Hat blocks it and gives Alice his second public key B. This will then result in Bob sending an encrypted file (using key A) to Alice, blocked by Black Hat, decrypted with his key A, encrypted with Alice’s public key and sent to Alice. The same when Alice sends to Bob but using key B. An effective man in the middle attack were no one can suspect anything.

    2. ALICE ALREADY HAS BOB'S PUBLIC KEY (BOB BEING A CERTIFICATE AUTHORITY FOR EXAMPLE)
    Alice sends Bob her public key encrypted with Bob's key to prevent the previous situation from arising. Black Hat can still block Alice’s key from arriving to Bob and substitute it with his own key A. Bob will not send his public key because Alice already has it. Now what will happen is that Black Hat can read encrypted files sent by Bob to Alice but he cannot read encrypted files sent by Alice to Bob because Alice does not use Black Hat's key. Instead she uses Bob's authentic key to which Black Hat does not have the equivalent private key. Also Black Hat will have Bob's public key so Bob cannot private key encrypt. So basically unless Bob requests something from Black Hat which only Alice has, Bob will never know about what happened as he doesn’t know Alice’s authentic public key. However Alice will not receive a reply because Alice would be expecting a reply from Bob encrypted using her public key which Black Hat does not have. So all Black Hat can do is isolate Alice from the internet and Black Hat can impersonate her with out anyone else except for Alice suspecting anything. So as long as Bob does not request anything from Alice, Black Hat will have no problems impersonating Alice as he would be receiving encrypted files which he can decrypt on Alice’s behalf. Alice could take days to suspect that her public key never reached Bob as she could think of a delay or Black Hat could impersonate Bob and tell Alice that he did not receive her key so as to buy time.

    Conclusion:
    The only safe way to communicate is by both Alice and Bob having each other’s public key from the start, which means that it is no better than secret key cryptography. Unless of coarse Alice already has something which Bob also has and can challenge Black Hat with it. However this is equivalent to a secret key…
     
  2. jcsd
  3. Aug 2, 2006 #2

    chroot

    User Avatar
    Staff Emeritus
    Science Advisor
    Gold Member

    Well, duh. This is not a new concept!

    Key exchange is obviously the most difficult part of the entire concept of public key cryptography. This is why more advanced systems have key signing mechanisms, so trust hierarchies can be established.

    Simply sending your public key through an open (unsecured) channel is stupid.

    - Warren
     
  4. Aug 2, 2006 #3
    If Alice and Bob had any sense they would have killed Eve by now, we all know shes been listening in on them two for a long time!
     
  5. Aug 3, 2006 #4
    But what I'm saying is that there is no way, not even using digital signitures which is situation 2, to stop it from happening. There is just no way to avoid having files destined to you being stolen by someone else unless you are certain that your public key has arrived. So basically what the hell is public key good for if it was invented specifically for safe and easy distribution? They might as well have kept the secret key model...
     
  6. Aug 3, 2006 #5
    This isnt new

    http://www.rsasecurity.com/rsalabs/node.asp?id=2248 [Broken]

     
    Last edited by a moderator: May 2, 2017
  7. Aug 3, 2006 #6
    Yes I know this but the fact remains that unless Alice and Bob have each other's public key then they just cannot check message integrity as this is only possible after each party has the other's key in order to decrypt the message digest. If that still hasn't happened then Alice's certificate can be substituted with Black Hat's (or Carol or Eve) certificate and it's back to situation 1...

    I really want to know if I am right or wrong guys so please contribute to this thread... 10x :)
     
  8. Aug 3, 2006 #7

    DaveC426913

    User Avatar
    Gold Member

    I thought the idea was that public keys were published ... well, publicly, sort of like a phone book. No black hat is going to be able to block that!
     
  9. Aug 3, 2006 #8

    chroot

    User Avatar
    Staff Emeritus
    Science Advisor
    Gold Member

    Dave,

    Exactly. In every possible cryptographic protocol, there has to be at least some trusted entities. Either you trust the channel for key exchange (you meet in a secret hotel room and swap pieces of paper, for example), or you trust an organization like the New York Times to publish your key in the newspaper, or you trust....

    - Warren
     
  10. Aug 3, 2006 #9
    But that's not what cryptography is for is it? Cryptography is for hiding data where the security of the 'hide' is as secure as your key, not your medium (in the case for public keys anyway)... So basically if you are either paranoid or are exposed in anything that you send or recieve (such as being an inmate in a prison), cryptography is no good...

    Thanks guys, this helped me understand a bit more, always publish your keys on an unalterable medium which is also good for publishing copyright material! (such as the newspaper or a magazine).
     
  11. Aug 3, 2006 #10
    I still have one more question, is publishing your public key on a website safe? For example, www.nero.com have checksums on their website for every software you download from there so as to avoid on-fly illegaly altered downloads (appending virus code to the software for example).

    But is it possible for someone to alter the page your are viewing before it arrives to your computer and change the checksum?
     
    Last edited: Aug 3, 2006
  12. Aug 3, 2006 #11

    chroot

    User Avatar
    Staff Emeritus
    Science Advisor
    Gold Member

    This "flaw" doesn't mean cryptography is no good -- it just means that you have to be very careful with the way you distribute keys, as key exchange is really the most vulnerable part of the process of setting up a secure channel.

    There are also many different key exchange protocols which can prevent (or greatly reduce the likelihood of) a man-in-the-middle attack. Having a trusted authority sign both users' keys is one way. Another is the so-called Interlock protocol developed by Rivest and Shamir. Another is the clever use of session keys.

    - Warren
     
  13. Aug 3, 2006 #12

    chroot

    User Avatar
    Staff Emeritus
    Science Advisor
    Gold Member

    Mere checksums are not really for security -- they are simply for verification that the received data is error-free.

    If an attacker changed both the payload and the checksum, you've never know the difference.

    On the other hand, hashes digitally signed by a trusted authority are secure, because the attacker does not have the ability to forge a digital signature of the trusted authority.

    - Warren
     
  14. Aug 4, 2006 #13
    Yes it's true but it is still used on that site to check for illegal modifications. So basically I cannot ask for a public key or checksum over the internet as it can be modified during transmission? You cannot make an online directory of public keys?
     
  15. Aug 4, 2006 #14
    Public-Private keys are not only for cryptography but all for identification..
     
Know someone interested in this topic? Share this thread via Reddit, Google+, Twitter, or Facebook




Similar Discussions: Is public key cryptography really safe?
  1. Dead Keys (Replies: 1)

  2. Laptop with noisy keys (Replies: 3)

  3. Keys are locked (Replies: 2)

Loading...