Can you help me understand the following reasoning? If Alice sends Bob a message
Question
Can you help me understand the following reasoning?
If Alice sends Bob a message and that message is encrypted with two keys simultaneously: a symmetric key (Ks) and Bob's public key. The symmetric key (Ks) is also sent to Bob, encrypted with the private key of Alice. The conclusion reached from this exchange of messages is that Bob cannot be sure that the message was written by Alice, but Alice can be sure that only Bob can read it.
But how can we reach this conclusion: Bob does not know if it was Alice who wrote it, if he had to get Alice's public key for the symmetric key (Ks)?
Explanation / Answer
The problem is that there are not one, but two functions of asymmetric keys.
The first function is encrypting. To ENCRYPT data, you need only a public key. In this case, Bob has Alice's public key. He uses this public key to encrypt the data. The data is then sent to Alice. Alice is the only person who can DECRYPT the data, because only she has the private key.
The second function is signing. This is not the same as encrypting. Bob uses his PRIVATE key to SIGN the encrypted message before sending it to Alice. So when Alice receives the message, it is both signed by Bob's private key and encrypted with Alice's public key. So Alice can use Bob's public key to verify that it was indeed signed by Bob, and then she can decrypt it using her own private key.
That way, she knows that (a) Bob sent it and (b) it was sent to her and nobody else read it.
The only part of this that isn't covered is the public key exchange, which ideally is done or at least verified in person or via voice.
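The two functions described in the answer, as an added example that is not part of the original answer. It uses textbook RSA without padding on constructed keys, for illustration only; the function names and the `MALLORY` key are assumptions made for this sketch.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Textbook RSA key from two primes (toy: no padding, illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e, "d": pow(e, -1, phi)}

# Constructed keys built from known Mersenne primes; not real-world keys.
ALICE = make_keypair(2**61 - 1, 2**89 - 1)
BOB = make_keypair(2**107 - 1, 2**127 - 1)
MALLORY = make_keypair(2**521 - 1, 2**607 - 1)  # hypothetical third party

def digest(ciphertext, n):
    """SHA-256 of the ciphertext, reduced to fit the toy modulus."""
    h = hashlib.sha256(str(ciphertext).encode()).digest()
    return int.from_bytes(h, "big") % n

def encrypt(recipient, message):
    # Function 1 (encrypting): uses only the recipient's PUBLIC values (n, e).
    return pow(int.from_bytes(message, "big"), recipient["e"], recipient["n"])

def decrypt(recipient, ciphertext):
    # Only the holder of the recipient's PRIVATE exponent d can do this.
    m = pow(ciphertext, recipient["d"], recipient["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def sign(sender, ciphertext):
    # Function 2 (signing): uses the sender's PRIVATE exponent d.
    return pow(digest(ciphertext, sender["n"]), sender["d"], sender["n"])

def verify(sender, ciphertext, signature):
    # Anyone holding the sender's PUBLIC values (n, e) can check the signature.
    return pow(signature, sender["e"], sender["n"]) == digest(ciphertext, sender["n"])

def receive(sender, recipient, ciphertext, signature):
    """Verify the sender's signature first, then decrypt; None if it fails."""
    if not verify(sender, ciphertext, signature):
        return None
    return decrypt(recipient, ciphertext)

if __name__ == "__main__":
    c = encrypt(ALICE, b"meet at noon")             # Bob encrypts to Alice
    s = sign(BOB, c)                                # Bob signs the ciphertext
    print(receive(BOB, ALICE, c, s))                # accepted and decrypted
    print(receive(BOB, ALICE, c, sign(MALLORY, c))) # signed by someone else
    print(receive(BOB, ALICE, c + 1, s))            # ciphertext altered in transit
```
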