

The first scenario relates to public-key cryptography and key exchanges. An attacker needs to get the public key of one of the two victims in order to start the attack. For instance, eavesdropper Eve gets Alice’s public key while Alice is sending it to Bob.

Now Eve constructs a malicious message that says she is Alice, includes Eve’s public key, and sends it to Bob. When Bob receives this message, he replies by sending Alice a message that is encrypted with Eve’s key. Since Eve is intercepting the conversation, she gets the message from Bob, deciphers it (using her key), and enciphers it again (using Alice’s public key that she initially intercepted) before sending it back to Alice. In this way, neither of the attacked parties, Alice or Bob, realizes that there is an attacker altering the messages they are exchanging.

1. Attacker (Eve) intercepts a conversation between two users (Alice and Bob).
2. Attacker crafts a message claiming that it comes from Alice, but using Eve’s key.
3. Bob receives the message and sends a reply encrypted with the attacker’s key (Eve’s key).
4. Attacker receives the message from Bob and decrypts it.
5. Attacker uses Alice’s key (intercepted in step 2) and encrypts the message with that key.
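The key substitution described above can be simulated to show why it goes unnoticed and what check exposes it. This is an added example, not code from the original page. It assumes textbook RSA with constructed toy keys, and it assumes Bob can learn a fingerprint of Alice's real key over a separate trusted channel, which the page does not discuss.

```python
import hashlib

def keypair(p, q, e=65537):
    """Textbook RSA from two primes (toy sizes, no padding: illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))  # (public key, private key)

def rsa(key, value):
    """Apply an RSA key to an integer: encrypt with public, decrypt with private."""
    n, exponent = key
    return pow(value, exponent, n)

def fingerprint(public_key):
    """Short digest of a public key, for comparison over a separate trusted channel."""
    return hashlib.sha256(repr(public_key).encode()).hexdigest()[:16]

def exchange(bob_checks_fingerprint):
    # Constructed keys built from known Mersenne primes.
    alice_pub, alice_priv = keypair(2**31 - 1, 2**61 - 1)
    eve_pub, eve_priv = keypair(2**89 - 1, 2**107 - 1)
    trusted_fp = fingerprint(alice_pub)      # assumed to reach Bob out of band

    received_by_bob = eve_pub                # key substituted in transit
    if bob_checks_fingerprint and fingerprint(received_by_bob) != trusted_fp:
        return {"detected": True, "eve_read": None, "alice_read": None}

    message = int.from_bytes(b"PIN 4821", "big")   # constructed sample plaintext
    from_bob = rsa(received_by_bob, message)       # Bob encrypts to the key he got
    eve_read = rsa(eve_priv, from_bob)             # Eve decrypts with her own key
    to_alice = rsa(alice_pub, eve_read)            # and re-encrypts to Alice's real key
    alice_read = rsa(alice_priv, to_alice)         # Alice decrypts normally
    return {"detected": False, "eve_read": eve_read == message,
            "alice_read": alice_read == message}

if __name__ == "__main__":
    print("no check:  ", exchange(False))
    print("with check:", exchange(True))
```

Without the fingerprint comparison, Alice still receives a correctly decrypting message, so nothing in the exchange itself signals the substitution. With it, Bob rejects the key before encrypting anything.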
