How to make sure the public key's authenticity

Question

I'm new to asymmetric cryptography (public-private keys) and has a fundamental confusion: I understand that once a person has broadcast his public key to the network, the following communications become safe using the public-private key paradigm. However, how do you make sure the public key received is valid at the first place? For example, if Bob wants to establish a secure communication with Alice, with Eve eavesdropping in the middle, how do you make sure that Bob receives the real public key from Alice, instead of the fake public key forged by Eve? Thanks!

Cheers, M.

Answer 1

Public Key Infrastructure (PKI).
You have a third-party trusted authority that issues certificates to different people/companies. You don't only trust the people, but also the Certification Authority (CA).

The Certification Authority must ensure and validate that the people/company that is buying a certificate is in fact who it claims to be.
The verification is done by signing a the certificate using a private key (from this CA), then both peers in the connection will check that the certificate was signed by a trusted CA and validate the connection.

In you example, Bob will sign the certificate in a CA that Alice trusts.
If Eve tries to sign a certificate in this CA, claiming to be Bob, this will be rejected, because the CA will validate its authenticity. Try to buy a client certificate here to see: https://www.verisign.com/

Another example is your browser, it only shows that a trusted connection is done with StackOverflow, because it trust on Let´s Encrypt, which issued the StackOverflow.com certificate.
Every browser has some default CAs that are already trusted.

Answer 2

The public key would be signed by another authority. Check if this authority is genuine and renowned. If it is unknown then try to further check its signing authority and see if its a renowned one.

The concept of trusting this public key is based on basing your inherent trust in authority which signs this certificate. Signatures are mathematically verifiable so they cannot be forged unless there's an issue with implementation or mathematical algorithm itself.

So in a nutshell, try to see the signing authority of the certificate and if it is something you trust.

Answer 3

The certificate authorities(CA) or web of trust(WOT) model shall help you in ensuring the authenticity of public key.

The Certificate authority is a centralized entity that issues digital certificate that certifies the ownership of a public key by the named subject of the certificate. It acts as a trusted 3rd party, trusted both by the subject (owner) of the certificate and by the party relying upon the certificate.

The web of trust is a decentralized trust model to establish the authenticity of the binding between a public key and its owner . In a Web of Trust, everybody is a kind of CA. Every user signs certificates for whoever he wants. It relies on value of trust or trust relationships between regular users.

Web Of Trust model operates such that if we verify that A's certificate is actually for A and we verify that B's certificate is from B, A and B can both verify that C is in fact C. Now, when C want's to interact with us, he can provide his certificate which is trusted by both A and B. Since we trust A and B , we can conclude that it is highly probable that C is actually C. This works since we expect that A and B weren't both working together and C had to have convinced them both that he was ok.