0

The problem is the following: I need to establish an encrypted connection (which, hence, requires at least one secret - the key[s]) between two clients. They are only allowed to communicate over public channels. Also, they don't know any secret about each other.

tl;dr

Alice, Bob and Carl are in a room. They don't know each other. Alice wants to tell Bob a secret, which Carl cannot understand. How can she do this?

Giulio Muscarello

2 Answers

1

They still need to establish a not-so-open channel. For instance, Bob hands Alice his public key; she encrypts the secret using this key and hands it back to Bob so that he can decipher it using his private key.

(Note that if Carl is stronger and close enough to Bob, it won't help anyway.)

Michael Krelin - hacker
  • True, muscle will break most cryptography - or break bones. lol – Kami Nov 20 '12 at 10:17
  • @Kami, this is a *brute force* approach to cryptography that is often overlooked. ;-) – Michael Krelin - hacker Nov 20 '12 at 10:19
  • I don't understand why "they still need to establish [a] not-so-open channel". According to your method (sharing an encryption key, which doesn't work as a decryption key), a secret can be established over a public channel, assuming the decryption key is not revealed. – Giulio Muscarello Nov 20 '12 at 10:35
  • @GiulioMuscarello, well, the public key is sent over the open channel; what I meant is that the secret passed back is not really sent over too open a channel, because it's already encrypted. It's a matter of wording, of course; you understood the whole thing right, from what I can tell by your question. – Michael Krelin - hacker Nov 20 '12 at 10:42
  • Oh, I get what you meant. In fact, yes, technically the secret passes through a secret channel, while the encrypted message passes through an open channel. +1 for explaining well the public-key thing. – Giulio Muscarello Nov 20 '12 at 11:02
  • Yup, that's what I meant. The public key and encrypted message pass over the open channel. It's handing Alice a box, which can be closed without the key, but you need the key (private to Bob) to open. So, whatever Alice puts into the box isn't quite open anymore. – Michael Krelin - hacker Nov 20 '12 at 11:16
0

I believe the public-key approach is what you should consider. This is where each person has two related keys: public and private. The public key is used to encrypt the message, but only a private key can decrypt the message.

see - http://en.wikipedia.org/wiki/Public-key_cryptography#Description

Kami