# Public/Private Key Exchange

• Public/Private key encryption was invented in 1976 by Diffie and Hellman.
• Why can't I just email you my public key?
• Alice requests Bob's public key
• Bob replies with the public key
• Alice encrypts an AES key with Bob's public key and sends it.
• Max in the middle attack.
• Alice requests Bob's public key
• Max intercepts this message
• Generates a key pair for Bob, Bob*
• Sends Bob* to Alice
• Generates a key pair for Alice, Alice*
• Sends Alice's message to Bob encrypted as Alice*
• Gets Bob's public key.
• Bob responds to Max, but Max throws this away.
• Alice encrypts an AES key with Bob* and sends it to Max
• Max
• Decrypts this key
• Encrypts the key with Bob's real public key and sends it to him.
• Max now has the AES key Alice and Bob are using to communicate
• Communication begins with Max listening in.
• In most other places this is called a man-in-the-middle attack.
• A half key exchange will defeat this.
• Alice sends her public key to Bob with a request to generate a session key
• Bob sends his public key to Alice.
• Alice creates an AES key and encrypts it with Bob's public key, but only sends 1/2 of the encrypted message
• Perhaps every other bit.
• Since AES is a block cipher, Max can't decrypt a message split this way.
• Bob generates a random number, encrypts it with his private key and sends half of it to Alice.
• This random number is known as a nonce
• Alice sends the other half of the encrypted AES key to Bob
• Bob combines the two halves and decrypts using his private key.
• He then sends the other half of the encrypted secret number to Alice.
• Alice combines and reconstructs the nonce and encrypts it using the exchanged AES key and sends it to Bob.
• Bob decrypts Alice's message and checks to make sure the nonce is valid.
• At this point, Max could be duplicating everything but
• He can't make the 1/2 message work until the entire exchange is done.
• Thus he can establish
• An AES key between Alice and Max
• An AES key between Max and Bob
• But there is no key between Alice and Bob
• Max is permanently inserted in the middle.
• A key exchange
• Establish an authority who "holds" public keys.
• This would be a certificate authority.
• Users register with this authority and provide a public key.
• This authority is well known and has a well-published public key.
• If I want to contact mirkwood.cs.edinboro.edu for example
• I contact the CA and ask for mirkwood's public key encrypted with the CA's private key.
• I can then decrypt mirkwood's public key with the CA's public key.
• And begin conversing with mirkwood.
• All major browsers contain the public keys of existing certificate authorities.
• Public Key Infrastructures (PKI)
• A PKI binds public keys to entities (organizations, people, ...).
• Bindings are established by the entity registering with a certificate authority.
• This is possibly done through a registration authority
• For some things this can be automatic.
• For others there needs to be human validation.
• Entities are uniquely identified by a CA.
• A Validation Authority can then employ a CA to validate identity.
• A certificate can be invalidated if the identity is no longer trusted.
• The book also discusses a distributed or "web of trust" system.
• You can get keys from people you trust.
• You can share keys with people who trust you.
• In an organization this may form a tree with the owner at the root.
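
The Max in the middle key substitution and the certificate authority check from the notes above, as an added example that is not part of the original notes. Textbook RSA over fixed, constructed primes stands in for real key pairs (a toy, not secure), and every name in it (`issue`, `verify`, `alice_sends_key`, the sample keys) is an assumption made for illustration.

```python
import hashlib

E = 65537  # common RSA public exponent

def keypair(p, q):
    """Textbook RSA keys (public, private) from two primes. Toy only."""
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def binding_hash(name, pub, modulus):
    """Hash the (name, public key) binding, reduced into the signer's modulus."""
    data = f"{name}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus

def issue(signer_priv, name, pub):
    """The notes' 'public key encrypted with the CA's private key'."""
    n, d = signer_priv
    return {"name": name, "pub": pub, "sig": pow(binding_hash(name, pub, n), d, n)}

def verify(ca_pub, name, cert):
    """The notes' 'decrypt with the CA's public key', plus a name check."""
    n, e = ca_pub
    expected = binding_hash(name, cert["pub"], n)
    return cert["name"] == name and pow(cert["sig"], e, n) == expected

def alice_sends_key(aes_key, name, cert, ca_pub=None):
    """Encrypt aes_key to the offered key; with ca_pub set, refuse bad certs."""
    if ca_pub is not None and not verify(ca_pub, name, cert):
        return None
    n, e = cert["pub"]
    return pow(aes_key, e, n)

def decrypt(priv, ciphertext):
    n, d = priv
    return pow(ciphertext, d, n)

# Constructed sample keys built from Mersenne primes (assumption, not from the notes).
CA_PUB, CA_PRIV = keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = keypair(2**107 - 1, 2**127 - 1)
BOBSTAR_PUB, BOBSTAR_PRIV = keypair(2**89 - 1, 2**107 - 1)  # Max's Bob*
AES_KEY = int.from_bytes(bytes(range(16)), "big")  # constructed 128-bit key
bob_cert = issue(CA_PRIV, "bob", BOB_PUB)
# Max has no CA private key, so the best he can do is sign Bob* himself.
bobstar_cert = issue(BOBSTAR_PRIV, "bob", BOBSTAR_PUB)

if __name__ == "__main__":
    c = alice_sends_key(AES_KEY, "bob", bobstar_cert)
    print("no CA check, Max reads key:", decrypt(BOBSTAR_PRIV, c) == AES_KEY)
    print("CA check, Bob* accepted:", alice_sends_key(AES_KEY, "bob", bobstar_cert, CA_PUB) is not None)
    print("CA check, Bob accepted:", alice_sends_key(AES_KEY, "bob", bob_cert, CA_PUB) is not None)
```

Without `ca_pub`, Alice encrypts to whatever key she is handed and Max recovers the AES key; with it, the Bob* binding fails verification and nothing is sent.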