Cryptography Reference
In-Depth Information
!
B
A
M
Exchanging keys (Mallory can act
as the man in the middle).
?
A
B
Alice sends Bob the first half of an
encrypted message.
M
?
A
B
M
Bob sends Alice the first half of an
encrypted message
?
A
B
M
Alice sends the second half.
?
A
B
M
Bob sends the second half.
A
B
Both of them put the halves received
together, decrypt them, and might
discover a fraud.
Figure 4.16:
Using the interlock method to avoid the man-in-the-middle attack.
This is an endless topic, so I will mention the solutions just briefly. There are
two popular concepts related to two software packages: PEM and PGP (more
in Chapter 7).
PEM
(
Privacy-Enhanced Mail
) is a standard for sending encrypted emails
on the Internet that manages public keys on certified computers arranged
