I am working on a chat application, and I am trying to secure the communication by using asymmetric encryption. I am able to encrypt a message with the receiver's public key and decrypt a message with the receiver's private key.

However, how can a client be sure that the sender is the real sender?

Example: We have Alice and Bob. Alice encrypts a message with Bob's public key, and Bob decrypts the message with his own private key. However, how can he be sure that the sender of the message is Alice?

I have read about adding a nonce, but I am not sure how that will help. What I understand is that Alice will add a random number to the message she sends. Bob will be, somehow, able to identify the sender of the message as Alice by looking at this number?

Let us say that the message is: "Hello Bob" and the nonce is "6". The message gets encrypted with Bob's public key, but what about the nonce?

  • Have you ever seen WhatsApp, Signal; square code? – kelalaka Nov 01 '18 at 19:07
  • No sorry, I have not :/ –  Nov 01 '18 at 19:09
  • See [faq section of Whatsapp](https://faq.whatsapp.com/en/android/28030015/) – kelalaka Nov 01 '18 at 19:11
  • Regarding the nonce exchanging, does that have to happen before a chat starts, or is it the beginning of a chat? –  Nov 01 '18 at 19:14
  • But what about without QR code? –  Nov 01 '18 at 19:24
  • Write the public key on paper and send a photo, or call it out loud in a telephone call – kelalaka Nov 01 '18 at 19:25
  • Is your chat data between Alice and Bob going through the central server? If so, you need to ensure that whoever Alice is communicating with is the server, and whoever Bob is communicating with is the server. Alice and Bob will identify themselves to the server using the credentials they got during registration. – croraf Nov 02 '18 at 07:11

1 Answer

In typical public-key cryptography, a user locally generates his public/private key pair. The private key is generally chosen at random and the public key is easily computed given the private key. The problem in this approach is that you have no guarantee that the public key of a specific user is indeed associated to his private key; a man-in-the-middle can intercept the communication and substitute the public key with his public key so he can later decrypt the messages with his private key.

To overcome this problem, usually a trusted third party issues certificates to prove the ownership of a public key. The certificate includes information about the key, information about the identity of its owner (called the subject), and the digital signature of the third party that has verified the certificate's contents. X.509 is a standard defining the format of public key certificates.

Another solution to overcome this problem is to use identity-based cryptography. It was introduced in 1984 by Shamir (the 'S' guy in 'RSA') but his scheme was only working for signatures. In 2001, Boneh and Franklin proposed an encryption scheme using bilinear pairings over elliptic curves.
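
The certificate check described in the answer, as an added example that is not part of the original answer: Bob accepts a message as Alice's only if a trusted third party signed the binding between the name "alice" and a public key, and that key verifies the signature on the message. It assumes Ed25519 signatures from Node's built-in `crypto` module and a minimal JSON certificate body instead of X.509; the function names, subject strings and messages are constructed for illustration.

```javascript
// Added example: certificate-backed sender authentication (not code from the page).
const { generateKeyPairSync, sign, verify, createPublicKey } = require('crypto');

const newKey = () => generateKeyPairSync('ed25519');
const exportPub = (key) => key.export({ type: 'spki', format: 'der' }).toString('base64');

// Trusted third party: signs the binding "subject <-> public key".
function issueCertificate(caPrivateKey, subject, subjectPublicKey) {
  const body = JSON.stringify({ subject, publicKey: exportPub(subjectPublicKey) });
  return { body, signature: sign(null, Buffer.from(body), caPrivateKey) };
}

// Sender: signs the text with her private key and attaches her certificate.
// In the chat application the result would then be encrypted with Bob's public key.
function signMessage(senderPrivateKey, certificate, text) {
  return { text, certificate, signature: sign(null, Buffer.from(text), senderPrivateKey) };
}

// Receiver: 1) CA signature on the certificate, 2) expected subject,
// 3) message signature under the certified key. Any failure rejects the message.
function verifySender(caPublicKey, expectedSubject, msg) {
  const { body, signature } = msg.certificate;
  if (!verify(null, Buffer.from(body), caPublicKey, signature)) return 'bad certificate';
  const { subject, publicKey } = JSON.parse(body);
  if (subject !== expectedSubject) return 'wrong subject';
  const senderKey = createPublicKey({ key: Buffer.from(publicKey, 'base64'), format: 'der', type: 'spki' });
  return verify(null, Buffer.from(msg.text), senderKey, msg.signature) ? 'ok' : 'bad signature';
}

function demo() {
  const ca = newKey(), alice = newKey(), mallory = newKey(); // constructed sample keys
  const aliceCert = issueCertificate(ca.privateKey, 'alice', alice.publicKey);
  const genuine = signMessage(alice.privateKey, aliceCert, 'Hello Bob');
  // A certificate naming "alice" that was not signed by the CA Bob trusts.
  const selfIssuedCert = issueCertificate(mallory.privateKey, 'alice', mallory.publicKey);
  const check = (m) => verifySender(ca.publicKey, 'alice', m);
  return {
    genuine: check(genuine),
    selfIssued: check(signMessage(mallory.privateKey, selfIssuedCert, 'Hello Bob')),
    copiedCert: check(signMessage(mallory.privateKey, aliceCert, 'Hello Bob')),
    tampered: check({ ...genuine, text: 'Hello Eve' }),
  };
}

console.log(demo());
```

Encrypting to Bob's public key only controls who can read the message; the signature and the certificate chain are what tie it to Alice.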