Encryption question
From: Preston, Tony (Tony.Preston_at_acs-inc.com)
Date: 02/24/04
- Previous message: David Barroso: "Re: Patch manager for IBM AIX"
- Next in thread: Gene LeDuc: "RE: Encryption question"
- Maybe reply: Gene LeDuc: "RE: Encryption question"
- Reply: Lars Georg Paulsen: "Re: Encryption question"
- Reply: Jamie Pratt: "Re: Encryption question"
- Maybe reply: SERGIO OTERO: "Re: Encryption question"
- Reply: Burton M. Strauss III: "RE: Encryption question"
- Reply: Aaron Keck: "Re: Encryption question"
- Reply: Theo Chaojareon: "Re: Encryption question"
- Maybe reply: Jordan, Jason D. \: "RE: Encryption question"
- Maybe reply: Hollis Johnson: "RE: Encryption question"
- Maybe reply: Lars Georg Paulsen: "Re: Encryption question"
- Reply: Raghu Chinthoju: "Re: Encryption question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: security-basics@securityfocus.com Date: Tue, 24 Feb 2004 13:01:29 -0600
Tony Preston
Systems Engineer, AS&T Inc.
Division of L3 Corporation
(609) 485-0205 x 181
I have what is a rather basic question... I probably am missing something
so I thought I would ask here.
Alice and Bob both have a public and private key.
Alice encrypts her email to Bob using his public key. Sends the email and
Bob decrypts it using his keys..
Since both Bob and Alice's public keys are known, Why can't I take Alice's
public key and create a key pair using any other private key. Now, I fake
an electronic signature from Alice using the pair I created and send a bogus
encrypted message to Bob with my "fake" Alice signature. Bob checks the
signature by using the public key and it is valid. Bob assumes the message
is from Alice...
What prevents me from spoofing someone's electronic signature this way?
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: David Barroso: "Re: Patch manager for IBM AIX"
- Next in thread: Gene LeDuc: "RE: Encryption question"
- Maybe reply: Gene LeDuc: "RE: Encryption question"
- Reply: Lars Georg Paulsen: "Re: Encryption question"
- Reply: Jamie Pratt: "Re: Encryption question"
- Maybe reply: SERGIO OTERO: "Re: Encryption question"
- Reply: Burton M. Strauss III: "RE: Encryption question"
- Reply: Aaron Keck: "Re: Encryption question"
- Reply: Theo Chaojareon: "Re: Encryption question"
- Maybe reply: Jordan, Jason D. \: "RE: Encryption question"
- Maybe reply: Hollis Johnson: "RE: Encryption question"
- Maybe reply: Lars Georg Paulsen: "Re: Encryption question"
- Reply: Raghu Chinthoju: "Re: Encryption question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
