Public/Private Key Exchange

• Public/Private key encryption was invented in 2976 by Diffe and Hellman.
• Why can't I just email you my public key?
  • Alice requests Bob's public key
  • Bob replies with the public key
  • Alice encrypts a AES key with Bob's public key and sends it.
• Max in the middle attack.
  • Alice requests Bob's public key
  • Max intercepts this message
    • Generates a key pair for Bob, Bob*
    • Sends Sends Bob* to Alice
    • Generates a key pair for Alice, Alice*
    • Sends Alice's message to Bob encrypted as Alice*
    • Gets Bob's public key.
  • Bob responds to Max, but Max throws this away.
  • Alice encrypts an AES key with Bob* and sends it to Max
  • Max
    • Decrypts this key
    • Encrypts the key with Bob's real public key and sends it to him.
    • Max now has the AES key Alice and Bob are using to communicate
  • Communication begins with Max listening in.
• In most other places this is called a man-in-the-middle attack.
• A half key exchange will defeat this.
  • Alice sends her public key to Bob with a request to generate a session key
  • Bob sends his public key to Alice.
  • Alice creates an AES key and encrypts it with Bob's public key, but only sends 1/2 of the encrypted message
    • Perhaps every other bit.
    • Since AES is a block cipher, Max can't decript a message split this way.
  • Bob generates a random number, encrypts it with his private key and sends half of it to Alice.
    • This random number is known as a nonce
  • Alice sends the other half of the encrypted AES key to Bob
  • Bob combines the two halves and decypts using his private key.
    • He then sends the other half of the encrypted secret number to Alice.
  • Alice combines and reconstructs the nonce and encrypts it using the exchanged AES key and sends it to Bob.
  • Bob decripts Alice's message and checks to make sure the nonce is valid.
• At this point, Max could be duplicating everything but
  • He can't make the 1/2 message work until the entire exchange is done.
  • Thus he can establish
    • An AES key between Alice and Max
    • An AES key between Max and Bob
  • But there is not key between Alice and Bob
  • Max is permanently inserted in the middle.
• A key exchange
  • Establish an authority who "holds" public keys.
  • This would be a certificate authority.
  • User register with this authority and provide a public key.
  • This authority is well know and has a well published public key.
  • If I want to contact mirkwood.cs.edinboro.edu for example
    • I contact the CA and ask for mirkwood's public key encrypted with the CA's private key.
    • I can then decript mirkwood's public key with the CA's public key.
    • And begin conversing with mirkwood.
• All major browsers contain the public keys of existing certificate authorities.
• Public Key Infrastructures (PKI)
  • A PKI binds public keys with entities. (organizations, people, ...)
  • Bindings are established by the entity registering with a certificate authority.
  • This is possibly done through a registration authority
    • For some things this can be automatic.
    • For others there needs to be human validation.
  • Entities are uniquely identified by a CA.
  • A Validation Authority can then employ a CA to validate identity.
  • A certificate can be invalidated if the identity is no longer trusted.
    • The book also discusses a distributed or "web of trust" system.
      • You can get keys from people you trust.
      • You can share keys with people who trust you.
      • In an organization this may form a tree with the owner at the root.