|
Anonymous Key Exchange
|
Previous Top Next |
| 1. | Assume that person A wants to send a message to an unknown person B.
|
| 2. | The sender (A) asks the intended recipient (B) for the hex ID of the recipient's anonymous key.
|
| 3. | (B) sends the hex ID of their anonymous key to (A), which is a very short value which takes up minimum bandwidth.
|
| 4. | (A) receives the hex id from (B) and sees if they already have (B)'s anonymous public key in their keyring from a prior conversation.
|
| 5. | If not, (A) asks (B) to send (B)'s public key in plain text, which (B) does automatically (unless B's options forbid it).
|
| 6. | (A) now encrypts the message to (B)'s public key and sends it.
|
| When you send a message to an anonymous person, a man-in-the-middle attack could theoretically intercept (B)'s public key and replace it with their own and pass their own key to (A).
|
| Unless (A) signs his message with a key known to (B), (B) cannot be sure who is the originator of the message, and a man-in-the-middle attack could be used to impersonate (A).
|
| Man-in-the-middle attacks would require fairly sophisticated manipulation by someone with access to the communication lines on irc (either on bnc, server, or isp), but remains a possibility. For maximum security, users should exchange Permanent keys through external means (email, etc), and use these keys when conversing.
|
|
|
| Note that exchanging public keys outside of irc is infinitely more secure than exchanging Symmetric blowfish/mircryption channel keys outside of irc, because just intercepting public keys from your email will do no one any good unless they can ALSO mount a man-in-the-middle attack on the irc server or your isp.
|