18.6 WHO CAN YOU TRUST?: KOHNFELDER'S CERTIFICATES
Kohnfelder writes in Part I, Section D, "Weaknesses in Public-Key Cryptosystems," of his thesis:
"Although the enemy may eavesdrop on the key transmission system, the key must be sent via a channel in such a way that the originator of the transmission is reliably known."
Kohnfelder observed that all public-key cryptosystems are vulnerable to a spoofing attack if the public keys are not certified: User_ID[C] can pretend to be User_ID[A] to User_ID[B] by providing User_ID[C]'s public key (in place of User_ID[A]'s public key) to User_ID[B]. Unless User_ID[B] has some way of checking the correspondence between ID[A] and PuK(ID[A]), this type of spoofing attack is possible.
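The check that User_ID[B] needs can be sketched as follows. This is an added example, not code from the book or from Kohnfelder's thesis: it assumes a hypothetical certifying authority whose verification key (N, E) User_ID[B] already trusts, uses unpadded textbook RSA with constructed toy parameters, and treats the users' public keys as constructed byte strings.

```python
import hashlib

# Constructed toy RSA key for a hypothetical certifying authority.
# The primes are the Mersenne primes 2^61-1 and 2^89-1: far too small for real use,
# and the signature is unpadded textbook RSA, for illustration only.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # authority's private exponent


def digest(user_id: str, public_key: bytes) -> int:
    """Hash the (ID, PuK) pair with length-prefixed fields, reduced mod N."""
    data = b"".join(len(f).to_bytes(4, "big") + f
                    for f in (user_id.encode(), public_key))
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def certify(user_id: str, public_key: bytes) -> int:
    """Authority signs the binding between an ID and a public key."""
    return pow(digest(user_id, public_key), D, N)


def binding_is_valid(user_id: str, public_key: bytes, signature: int) -> bool:
    """B's check: does the authority vouch that this key belongs to this ID?"""
    return 0 <= signature < N and pow(signature, E, N) == digest(user_id, public_key)


def demo() -> dict:
    puk_a, puk_c = b"constructed-public-key-of-A", b"constructed-public-key-of-C"
    cert_a = certify("ID[A]", puk_a)
    cert_c = certify("ID[C]", puk_c)
    return {
        "genuine": binding_is_valid("ID[A]", puk_a, cert_a),
        # C's key presented under A's name together with A's signature
        "substituted_key": binding_is_valid("ID[A]", puk_c, cert_a),
        # C's key and C's signature presented under A's name
        "wrong_identity": binding_is_valid("ID[A]", puk_c, cert_c),
        # C's signed binding is valid only for C's own identity
        "c_as_itself": binding_is_valid("ID[C]", puk_c, cert_c),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:16} -> {'accepted' if ok else 'rejected'}")
```

Without the signed binding, User_ID[B] would have no basis for rejecting either of the two substituted cases.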
Kohnfelder proposed a method to make spoofing more difficult in Part III of his thesis. He postulates the existence of a public file
that contains (in my notation) pairs {(ID[A]), PuK(ID[A])} for each user in the system. Although it might be possible for User_ID[C] to contact
to ask for a copy of User_ID[A]'s public key, the public file solution suffers from the same operational defects as a network-wide key server:
- What entity will maintain and certify a large database that is continually changing?
- The public file will need to be replicated to prevent severe access ...