1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2011
    Rep Power

    Please check my protocol

    Hello everyone,

    Lately cryptography has taken my interest and I've been fiddling around with some hobby projects.
    Say I want to secure internet traffic between two users, a client and a server. I want to eliminate man-in-the-middle attacks.

    This is what I came up with:

    The client has the public key of the signer. The server has the private key.
    When a client connects to the server, it requests the certificate.
    The server then sends a certificate, including a (client-specific? please confirm) public key and a message digest.
    The public key is plain text. The message digest is encrypted with the private signer key. ECC (Elliptical Curve Cryptography) seems to be a strong algorithm, but if it's too complex I can still use RSA of course.
    The client receives the certificate and checks its authenticity by decrypting the message digest.
    It then checks if the message digest is equal to the message digest independently generated from the certificate, client-side.

    Now, Client->Server traffic is secured. Server->Client is not.
    The client now generates a random array of bytes. It sends this to the server. This is our symmetrical key for an algorithm like AES.
    Now, Client->Server traffic is secured, AND Server->Client is secured.

    My question: am I missing something? It sounds too good to be true, especially because there are far more complex systems like DSA/ECDSA, of which I don't really understand the advantage.
    Of course I could be completely wrong, if so, please tell me why and explain me 'the answer'. I'm still very new to this cryptography thing so be gentle

  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Feb 2008
    Rep Power
    You basically described SSL; using asymmetric cipher (e.g. RSA) to exchange a session key for a symmetric cipher (e.g. AES) that will be used to secure the bulk of the communications.

    Be sure you pad, etc.. correctly. Unpadded RSA is breakable, especially if the message is shorter than the key length.

    You could also use Diffie-Hellman for the key exchange, though you'll need to check the security status of it.

    Best regards,

IMN logo majestic logo threadwatch logo seochat tools logo