
I am having trouble understanding the concept of public-key cryptography and why some cryptosystems can be easily broken when used in a certain way. Here is an example.

Suppose we have a communication network where every user $U$ has an enciphering function $C_U$, which is public, and a deciphering function $D_U$ which is private. Let $A$ and $B$ be two users in the network. Suppose $A$ wants to send the message $m$ to $B$. Then $A$ sends $(C_B(m),A)$. The address $A$ is to specify the sender of the message (this is like a really poor digital signature, but again this is a very simple example to make sure I understand the concepts). After receipt, $B$ will reply with $(C_A(m),B)$, so $A$ knows that the message has been received.

Suppose that a third user $C$ can intercept every communication in the network. Then I am told that $C$ can read the message $m$. I suppose that this is because the same message has been sent using different enciphering functions. However, I am not sure of this and I would like to understand the reason behind it. Could someone help me?

kelalaka
kubo

1 Answer

  • $C$ intercepts the message $(C_B(m),A)$.
  • $C$ modifies it to $(C_B(m),C)$.
  • $C$ sends it to $B$.
  • $B$ considers this to come from $C$.
  • $B$ decrypts the ciphertext to access the message $m$.
  • $B$ responds with $(C_C(m),B)$.
  • Now, $C$ can decrypt the ciphertext to open the message.

Note that $C$ can be any malicious entity within the network.

As you can see, the signature is important to verify the sender, and this is why we have PKI.

kelalaka
  • What about if $A$ sends $C_B(C_B(m),A)$ to $B$ and $B$ replies with $C_A(C_A(m),B)$ to $A$? How can $C$ get $m$? Maybe doing this process twice? – kubo Dec 10 '21 at 19:22
  • $C$ can't change it since the sender sent in encrypted form, double encryption instead of $C_B(m||A)$. – kelalaka Dec 10 '21 at 19:26
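
The relabelling steps from the answer and the $C_B(m||A)$ variant from the comments, run side by side as an added example that is not part of the original posts. Textbook RSA without padding over constructed Mersenne-prime keys stands in for $C_U$/$D_U$ only; the `User` class, the function names, the `|` separator and the sample message are assumptions.

```python
E = 65537  # public exponent shared by all toy keys

class User:
    """Toy textbook-RSA key pair modelling C_U (public) and D_U (private)."""
    def __init__(self, name, p, q):
        self.name, self.n = name, p * q
        self._d = pow(E, -1, (p - 1) * (q - 1))   # private exponent

    def C(self, m: bytes) -> int:                  # public enciphering function
        return pow(int.from_bytes(m, "big"), E, self.n)

    def D(self, c: int) -> bytes:                  # private deciphering function
        x = pow(c, self._d, self.n)
        return x.to_bytes((x.bit_length() + 7) // 8, "big")

def mersenne(k):
    return 2**k - 1

# Constructed directory: Mersenne primes are far too structured for real keys.
USERS = {u.name: u for u in (User("A", mersenne(61), mersenne(89)),
                             User("B", mersenne(107), mersenne(127)),
                             User("C", mersenne(521), mersenne(607)))}

def naive_reply(me, packet):
    """Question's protocol: trust the cleartext sender label, echo m back to it."""
    c, sender = packet
    m = USERS[me].D(c)
    return (USERS[sender].C(m), me)

def bound_reply(me, c):
    """Comment's variant C_B(m||A): the sender name is read from inside the ciphertext."""
    m, _, sender = USERS[me].D(c).rpartition(b"|")
    return USERS[sender.decode()].C(m + b"|" + me.encode())

def relabel_against_naive(m=b"pay 42"):
    """C swaps the label on A's packet; returns what C reads from B's reply."""
    c, _ = (USERS["B"].C(m), "A")             # A -> B, intercepted by C
    reply, _ = naive_reply("B", (c, "C"))     # B now answers with C_C(m)
    return USERS["C"].D(reply)

def relabel_against_bound(m=b"pay 42"):
    """Same interception: there is no label to swap, so B's reply is keyed to A."""
    c = USERS["B"].C(m + b"|A")
    reply = bound_reply("B", c)               # C can only relay c unchanged
    return USERS["C"].D(reply), USERS["A"].D(reply)   # (C's view, A's view)
```

Unpadded RSA is malleable, so this only shows where the sender name has to live; it is not a complete authenticated scheme.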