CyberSeeker ,

For encryption, the client and server need to share their private keys.

This is incorrect, for asymmetric (public-private) encryption. You never, ever share the private key, hence the name.

The private key is only used on your system for local decryption (someone sent a message encrypted with your public key) or for digital signature (you sign a document with your private key, which can be validated by anyone with your public key).

For the server, they are signing their handshake request with a certificate issued by a known certificate authority (aka, CA, a trusted third party). This prevents a man-in-the-middle attack, as long as you trust the CA.

The current gap is in inconsistent implementation of Organization Validation/Extended Validation (OV/EV), where an issuer will first validate that domains are legitimate for a registered business. This is to help prevent phishing domains, who will be operating with TLS, but on a near-name match domain (www.app1e.com or www.apple.zip instead of www.apple.com). Even this isn’t perfect, as business names are typically only unique within the country/province/state that issues the business license, or needed to be enforced by trademark, so at the end of the day, you still need to put some trust in the CA.

slazer2au ,

Why are they sharing private keys?

The point of the system is you share public key so others can encrypt data and the you use your private key do decrypt it.

RegalPotoo ,
@RegalPotoo@lemmy.world avatar

You've missed a key detail in how asymmetric encryption works:

  • For asymmetric encryption algorithms, you essentially have two keys - a "private" key, and a "public" key
  • If you know the private key it is trivial to calculate the public key, but the reverse isn't true - just given the public key, it is essentially impossible to calculate the private key in a reasonable amount of time
  • If you encrypt something with the public key you must use the private key to decrypt it, and if you encrypt with the private key you can only use the public key for decryption
  • This means that my server can advertise a public key, and you can use that to encrypt the traffic so that only the server that knows the private key can decrypt it
Scubus ,

But how does the encryption work if you have the public key? Since your computer knows how to encrypt the data with the public key, couldn't you use that same public key to run that algorithm in reverse? If not, since the public and private keys are not the same, how does the private key go about decrypting that data?

RegalPotoo ,
@RegalPotoo@lemmy.world avatar

The actual math is way beyond me, but the algorithm is "one way" - it exploits the fact that given two prime numbers (ie, the private key) it is trivial to multiply them together, but if you only know the result (ie, the public key) it is computationally very expensive to determine the original prime factors. If you pick big enough numbers, it becomes effectively impossible to undo the multiplication

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • kbinchat
  • All magazines
    •