If a server proves its bona fides by presenting its public key, and its public key is public, what prevents a bad actor from getting the public key and pretending to be the original? Is the server’s public key tied to a particular IP address or domain so that the client should check that? Or is a third-party certificate required to prove the server’s bona fides? How about the client’s public key? What prevents a bad actor from pretending to be the owner of that public key?
In: Technology
The shared key exchange is only used to establish encryption. The server doesn’t really care who you are, only that the communications are encrypted. It does not prevent the man in the middle (MITM) attack, where someone sits in the middle passing keys back and forth between the two and reading all of the information passed.
However, public key infrastructure allows us to have TLS (transport layer security), which is the security layer of https (web sites). You have root certificates on your computer, and the server has a certificate derived from one of those roots. Thus, you know the server is what it says it is. Usually that’s all that’s needed, they don’t care who is connecting, you care who you are connecting to.
Going more secure, you could set it up so you both have certificates so you both have a verified identity.
This of course requires you both have the same root certificates on your machines. For example, if you go to some secure Army web sites you might get a certificate error because the military certificate (DOD Root) isn’t installed on your computer.
Latest Answers