There’s a server, a client, and a hacker in a network. For encryption, the client and the server need to share their private keys. Wouldn’t the hacker be able to grab those during their transmission and decrypt further messages as they please?

  • Turun
    link
    fedilink
    2
    edit-2
    7 months ago

    Just a nitpick:

    If you know the private key it is trivial to calculate the public key, but the reverse isn’t true

    The public key and the private key are just two big prime numbers. The “trivial to compute” part only works once more information has been shared over the network, like it happens during key exchange. If you were to swap the prime number before initiating any contact it would work the same way.

    Edit: I probably confused different encryption concepts

    • @RegalPotoo
      link
      English
      27 months ago

      In RSA, the private key is a pair of big semi-primes, and the public key is derived from those numbers. I think you are confusing DHKE and RSA with your other points, the private key is never transmitted over the network. For TLS you typically use an asymmetric crypto system to validate identities and encrypt the key exchange to prevent person-in-the-middle, but the key that is agreed using that process is a symmetric key for AES or similar, but that is specific to TLS.

      Also, there are other asymmetric systems that don’t use primes at all - eliptic curve crypto is based on completely different math

      • Turun
        link
        fedilink
        17 months ago

        Oh, I may actually have confused that. Thanks for pointing it out.