8.6 Publishing Public Keys

We get the most benefit out of public-key cryptography if we publish and share public keys. This allows anyone to pick up a public key and encrypt a message to someone else. Attackers can’t use the public key to decrypt the message, at least not without breaking the system.

On the other hand, key cracking isn’t the only risk. There is also a trick in which an attacker actively intercepts all traffic. This is often called a man-in-the-middle attack. It is also known as the bucket brigade attack. FIGURE 8.26 provides a diagram of the action. Here is how it works:

An illustration depicts a bucket brigade attack.

Get Elementary Information Security, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.