Re: Encryption question

From: SERGIO OTERO (SOTERO_at_gire.com)
Date: 02/25/04

Next message: Burton M. Strauss III: "RE: Encryption question"

Previous message: Schomburg, Clay (RDI): "RE: Patch manager for IBM AIX"
Maybe in reply to: Preston, Tony: "Encryption question"
Next in thread: Burton M. Strauss III: "RE: Encryption question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 25 Feb 2004 18:02:17 -0300
To: <Tony.Preston@acs-inc.com>, <security-basics@securityfocus.com>

You're describing a man in the middle attack. Using digital certificates prevents this kind of trouble. Since the CA "authenticates" the certificate owner (i.e. Alice or Bob) and digitally signs the user certificate, you can't fake Alice nor Bob identity.

Hope this help.

>>> "Preston, Tony" <Tony.Preston@acs-inc.com> 24-02-04 04:01:29 >>>

Tony Preston
Systems Engineer, AS&T Inc.
Division of L3 Corporation
(609) 485-0205 x 181

I have what is a rather basic question... I probably am missing something
so I thought I would ask here.

Alice and Bob both have a public and private key.

Alice encrypts her email to Bob using his public key. Sends the email and
Bob decrypts it using his keys..

Since both Bob and Alice's public keys are known, Why can't I take Alice's
public key and create a key pair using any other private key. Now, I fake
an electronic signature from Alice using the pair I created and send a bogus
encrypted message to Bob with my "fake" Alice signature. Bob checks the
signature by using the public key and it is valid. Bob assumes the message
is from Alice...

What prevents me from spoofing someone's electronic signature this way?

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: Burton M. Strauss III: "RE: Encryption question"

Previous message: Schomburg, Clay (RDI): "RE: Patch manager for IBM AIX"
Maybe in reply to: Preston, Tony: "Encryption question"
Next in thread: Burton M. Strauss III: "RE: Encryption question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Simple authenticated channel
... protocols (in this case, I assume Bob uses a DH keypair), followed by ... It is assumed Alice already has an authetic copy of Bob's public key. ... The attacker therefore does not hold k, ...
(sci.crypt)
Re: PGP Lame question
... i think that given Q and Bob's public key, ... Q can be linked as encrypted to Bob ... can verify that Alice signed something somehow connected to Bob? ... Alice encrypts M with R and gets an output, ...
(sci.crypt)
Practical improvement of DH-ElGamal scheme
... Improving DH-ElGamal public key encryption scheme can be done in ... For person Alice: ... Linking between 2 persons (Alice and Bob): ... Attacking this encryption scheme: ...
(sci.crypt.research)
Re: GPG
... In a practical sense, only Bob may decrypt ... Alice on the way to Bob and prevent it from reaching Bob. ... Alice may encrypt the message with Bob's public key, ... the others) before issuing their certificates. ...
(comp.os.linux.security)
Re: Is SSL/TSL really secure?
... computers to record the private and public keys as they pass from my ... So both partners have such a keypair, say Alice has K1, K2 and Bob has ... Now Alice keeps K1 strictly secret - it's her "private key". ... with the public key of Bob, ...
(comp.security.misc)