Commit 205c3d9973136288fb06ff57e4aba66927ca4f4c
Updated secure private channels: the good, the bad, and the ugly (markdown)
Dominic Tarr committed on 4/22/2015, 7:18:30 AMParent: 376aff64f1d07509ff2b55396b57dad4a041780d
Files changed
| secure-private-channels:-the-good,-the-bad,-and-the-ugly.md | changed |
| secure-private-channels:-the-good,-the-bad,-and-the-ugly.md | ||
|---|---|---|
| @@ -74,12 +74,15 @@ | ||
| 74 | 74 | ### Dramatization of SSH connection |
| 75 | 75 | |
| 76 | 76 | Alice: "hi I want to talk to you, in english, spanish or mandarin (prefer english)" |
| 77 | 77 | > Alice opens a connection, and lists the ciphers she supports, with preference. |
| 78 | + | |
| 78 | 79 | Bob: "hi I speak in english, spanish or mandarin (prefer english), okay lets whisper now" |
| 80 | + | |
| 79 | 81 | Alice: passes a secret note to Bob |
| 80 | 82 | > generates DiffieHelman key, sends public DH key to bob. |
| 81 | 83 | > begins DH exchange |
| 84 | + | |
| 82 | 85 | Bob: passes a note back, with I AM BOB signed on the outside. |
| 83 | 86 | > bob replies with bob's public DH key, bob's public RSA key, and a signature to prove they are bob. |
| 84 | 87 | > Alice now knows she is talking to Bob, Bob does not know who Alice is yet, |
| 85 | 88 | > but they do have secure communication now. |
| @@ -91,11 +94,15 @@ | ||
| 91 | 94 | |
| 92 | 95 | We are only interested in pubkey based authentications. |
| 93 | 96 | |
| 94 | 97 | The following is all private so Alice and Bob can speak normally. |
| 95 | -Alice: hey I'm alice and I want to use pubkey auth with <algorithm> and <key> | |
| 98 | + | |
| 99 | +Alice: hey I'm alice and I want to use pubkey auth with `algorithm` and `key` | |
| 100 | + | |
| 96 | 101 | Bob: okay go ahead "Alice" |
| 97 | -Alice: see it's me <signed> | |
| 102 | + | |
| 103 | +Alice: see it's me: _signed, Alice!_ | |
| 104 | + | |
| 98 | 105 | Bob: Alice it is you!!! |
| 99 | 106 | |
| 100 | 107 | ### Further Reading |
| 101 | 108 | |
Built with git-ssb-web