
I've always wondered if / what is stopping someone from eavesdropping or duping the initial handshakes before the communications are encrypted. If you get the cipher and understand the schema used you should be able to decode the otherwise secure traffic.


This video explains it in very easy-to-grasp terms:

http://www.youtube.com/watch?v=3QnD2c4Xovk


I prefer this one by the Royal Institution:

https://www.youtube.com/watch?v=U62S8SchxX4


Man, now I feel dumb. I was writing Lehmer generators for a semester last year and didn't even notice they are impossible to reverse. Thanks :P


The magic is the cache of CA root public keys that comes preloaded with your browser or OS, up to which all presented certificates need to verify.


the magic of public (asymmetric) key crypto is what stops you. http://en.wikipedia.org/wiki/Public-key_cryptography

in step 4 above the client sends data to the server that is encrypted with the server's public key. you don't have the server's private key, so you cannot decrypt that data. but the server can. so you cannot duplicate things, even if you are watching.

[edited to swap client/server roles]


Very helpful, thanks. Asymmetric keys explain it.


actually, i think the above is incorrect in detail, at least for some key distribution algorithms, but it gives the correct idea.
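
The idea discussed in this thread, as an added example that is not from any commenter: a toy Diffie-Hellman exchange in Python (a key-agreement method, different from the encrypt-to-the-server's-public-key flow described above). It shows that recording the handshake does not yield the key, while substituting handshake values works unless the client checks them against something it already trusts. The group parameters, function names and the preloaded fingerprint (a stand-in for CA-rooted certificate verification) are assumptions made for the illustration.

```python
import hashlib
import secrets

# Constructed toy group: 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent x, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def fingerprint(public):
    """Hash of a public value; stands in for a CA-verified certificate."""
    return hashlib.sha256(public.to_bytes(16, "big")).hexdigest()

def session_key(my_private, their_public):
    """Derive a key from the shared secret their_public^my_private mod P."""
    shared = pow(their_public, my_private, P)
    return hashlib.sha256(b"key" + shared.to_bytes(16, "big")).hexdigest()

def client_handshake(received_server_pub, trusted_fp=None):
    """Client side: optionally check the server value against a preloaded fingerprint."""
    if trusted_fp is not None and fingerprint(received_server_pub) != trusted_fp:
        raise ValueError("server public value does not match trusted fingerprint")
    priv, pub = keypair()
    return pub, session_key(priv, received_server_pub)

def demo():
    s_priv, s_pub = keypair()   # server's key pair
    m_priv, m_pub = keypair()   # key pair of a party altering traffic in transit

    # 1. Passive observer: sees P, G, s_pub and c_pub, never a private exponent.
    c_pub, client_key = client_handshake(s_pub)
    passive_ok = client_key == session_key(s_priv, c_pub)

    # 2. Substituted server value, no authentication: client keys with the wrong party.
    c_pub2, client_key2 = client_handshake(m_pub)
    hijacked = client_key2 == session_key(m_priv, c_pub2)

    # 3. Same substitution, but the client holds a preloaded fingerprint: rejected.
    try:
        client_handshake(m_pub, trusted_fp=fingerprint(s_pub))
        rejected = False
    except ValueError:
        rejected = True
    return passive_ok, hijacked, rejected

if __name__ == "__main__":
    print(demo())
```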



