RE: Encryption question

From: David Gillett (gillettdavid_at_fhda.edu)
Date: 02/28/04

  • Next message: David Gillett: "RE: How to find a changing IP on ethernet network"
    To: "'Preston, Tony'" <Tony.Preston@acs-inc.com>, <security-basics@securityfocus.com>
    Date: Fri, 27 Feb 2004 17:10:56 -0800
    
    

    > > Bob checks the signature by using the public key and
    > > it is valid.

      If you're saying that Bob checks it using ALICE's public key,
    then what this tells Bob is that the person who signed the message
    had Alice's PRIVATE key, i.e., it really did come from Alice.
      Bob should not accept a new public key for Alice without some
    assurance that it really did come from her. Unless the reason for
    the new one is that her old private key has been compromised,
    signing the update with her old private key could be sufficient.
      A message that says "here is my new public key" and is signed
    only with its corresponding private key is a form of social
    engineering attack; it's like having the name on your driver's
    license read "ME".

      Encrypting the message (NOT "signing") with Bob's public key
    means that only someone with Bob's private key (i.e., Bob) can
    decrypt and read the message. It could have been sent by anyone
    who had Bob's public key, which might or might not be widely known.

    Dave Gillett

    > -----Original Message-----
    > From: Preston, Tony [mailto:Tony.Preston@acs-inc.com]
    > Sent: Tuesday, February 24, 2004 11:01 AM
    > To: security-basics@securityfocus.com
    > Subject: Encryption question
    >
    > Tony Preston
    > Systems Engineer, AS&T Inc.
    > Division of L3 Corporation
    > (609) 485-0205 x 181
    >
    > I have what is a rather basic question... I probably am missing something,
    > so I thought I would ask here.
    >
    > Alice and Bob both have a public and private key.
    >
    > Alice encrypts her email to Bob using his public key, sends the email, and
    > Bob decrypts it using his keys.
    >
    > Since both Bob's and Alice's public keys are known, why can't I take Alice's
    > public key and create a key pair using any other private key? Now I fake an
    > electronic signature from Alice using the pair I created and send a bogus
    > encrypted message to Bob with my "fake" Alice signature. Bob checks the
    > signature by using the public key and it is valid. Bob assumes the message
    > is from Alice...
    >
    > What prevents me from spoofing someone's electronic signature this way?
    >
