This entry is part 2 of 6 in the series PKI

PKI

Symmetric Encryption has two potential drawbacks. The first of these is the commonly known Man in the Middle attack. The second is a limitation on reuse.

Man in the Middle attack – Symmetric

If Anuj wants to communicate with Bob, Tom can intercept the channel (both ways) – and replace Anuj’s random number with his own. He can also replace Bob’s random number with his own. And neither will know that their numbers have been replaced.

Re-Use Limitation – Symmetric Keys

If Anuj wants to communicate with Bob and Charlie, Anuj needs  TWO separate keys (cannot re-use the same key).

No Re-Use Limitation – Asymmetric Keys

Asymmetric keys can be used by as many of Anuj’s contacts as needed. The same key pair works. Everyone uses the SAME PUBLIC key to encrypt their data.

Basic Diffie Helman

Anuj and Bob agree on TWO  prime numbers (both large). Call them g and n . These do not have to be secret (private). They can be publicly known.

Anuj chooses a random number x. Computes A = ( g ^ x ) mod n

Bob chooses a random number y. Computes B = ( g ^ y ) mod n

They exchange A and B (using either offline or online exchange). Using A and B, they both compute a secret key. This key ends up being the SAME for both of them, even though they both started with different random numbers.

Now, they can happily encrypt all future messages using their secret key

 

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.

Initial Consultation

Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.

 Twitter Linkedin

Series NavigationWhy do we need certificates at all in PKI?Group Encryption Keys