I have a doubt with the symmetric key cryptography methods, if I understood correctly the text, the two hosts that want to communicate will have the same key for translating the encrypted data into plain text.
Then, how do both hosts know the key without sending it through the network in plain text?
That is a good question Alvaro. One idea is to use out-of-band communication for that (a different channel, like a phone call, to exchange that information).
Another idea is that, only if the users have met before and agreed upon a secret key, they can later use it for secure communication over the network.
There are, finally, other methods to set a secret key in a secure way over the Internet for peers that have never met before, but I will keep it secret till tomorrow's class :-)
No special doubts this time. I have some links if you want to emphasize in the theme. First, the subject of Criptography taught at the university, with the slides and some practices to do with specific software: http://users.dsic.upv.es/asignaturas/facultad/cri/cripto.html (sorry it's only in spanish)
And secondly, starting from January, the University of Standford will start a course about Criptography (among some others related with Computer Science): http://www.crypto-class.org/
Ha, ha, ha, ha! Miguel, I think now we know your secret about the "methods to set a secret key in a secure way over the Internet for peers that have never met before".
It's the public-key cryptography method, right? What you explained at the end of the class... They use RSA to transmit just the secret key that is going to be used in the symmetric key cryptography method, right?
I have a doubt with the symmetric key cryptography methods, if I understood correctly the text, the two hosts that want to communicate will have the same key for translating the encrypted data into plain text.
ReplyDeleteThen, how do both hosts know the key without sending it through the network in plain text?
That is a good question Alvaro. One idea is to use out-of-band communication for that (a different channel, like a phone call, to exchange that information).
ReplyDeleteAnother idea is that, only if the users have met before and agreed upon a secret key, they can later use it for secure communication over the network.
There are, finally, other methods to set a secret key in a secure way over the Internet for peers that have never met before, but I will keep it secret till tomorrow's class :-)
No special doubts this time. I have some links if you want to emphasize in the theme. First, the subject of Criptography taught at the university, with the slides and some practices to do with specific software: http://users.dsic.upv.es/asignaturas/facultad/cri/cripto.html (sorry it's only in spanish)
ReplyDeleteAnd secondly, starting from January, the University of Standford will start a course about Criptography (among some others related with Computer Science): http://www.crypto-class.org/
Ha, ha, ha, ha! Miguel, I think now we know your secret about the "methods to set a secret key in a secure way over the Internet for peers that have never met before".
ReplyDeleteIt's the public-key cryptography method, right? What you explained at the end of the class... They use RSA to transmit just the secret key that is going to be used in the symmetric key cryptography method, right?
Exactly Pedro!
ReplyDelete