diff --git a/PublicSecretCrypto/README.md b/PublicSecretCrypto/README.md index 8a98f31..b59bc85 100644 --- a/PublicSecretCrypto/README.md +++ b/PublicSecretCrypto/README.md 
@@ -21,28 +21,28 @@ The keys are generated by the reciever who then publishes the public key in a "p * Chose kids who play Alice and Bob * Alice wites a message and put it in an envelope/box. close the box by using the padlock and public key. -** but which key to use? Remember, the keys are created by the reciever. So we need to use Bob's public key. -** insist that the padlocks and public keys are accessible to anyone. Only the secret keys are... secret + * but which key to use? Remember, the keys are created by the reciever. So we need to use Bob's public key. + * insist that the padlocks and public keys are accessible to anyone. Only the secret keys are... secret * Bob recieves the box, and can unlock the padlock with his secret key -** he is happy for the message -** but who wrote it. It says Alice, but anyone could write that, then use Bob's public key and send it to him + * he is happy for the message + * but who wrote it. It says Alice, but anyone could write that, then use Bob's public key and send it to him * Signing * Alice wants to prove that the message comes from her. -** Show that the padlocks have a second function. If you use first the secret key -** Alice writes her message, then attaches a padlock to it and closes it with her secret key. only she has that key. + * Show that the padlocks have a second function. If you use first the secret key + * Alice writes her message, then attaches a padlock to it and closes it with her secret key. only she has that key. So she is the only one who is able to close the padlock that way. -** Alice puts the message with the padlock-signature into a bo and encrypts it with the reciever's (Bob) public key. -** Bob recieves the box, aand decrpyt with his secret key -** He sees the message with Alice signature -** He veryfies the signature by trying to open the lock with alice's public key. It works! So that proves that the message comes from her. 
+ * Alice puts the message with the padlock-signature into a bo and encrypts it with the reciever's (Bob) public key. + * Bob recieves the box, aand decrpyt with his secret key + * He sees the message with Alice signature + * He veryfies the signature by trying to open the lock with alice's public key. It works! So that proves that the message comes from her. * Certification authorities * You can verify a signature, but for that you need a public key. Anyone in the world coud say "I am Alice, here is my key". So we are back to starting square. -** Some higher instance needs to prove that the public key is the one of Alice. That is called a certification authority. -** The certification authority signs the public key. This creates a certificate. -** But who signs the certification authority's public key? -** another certification authority, and so on... at some point you need to trus some authority -** Web browsers come with built-in certification authorities which the browser trusts. That's how the websites prove that they are who they say. Show a webbrowser's CA list. + * Some higher instance needs to prove that the public key is the one of Alice. That is called a certification authority. + * The certification authority signs the public key. This creates a certificate. + * But who signs the certification authority's public key? + * another certification authority, and so on... at some point you need to trus some authority + * Web browsers come with built-in certification authorities which the browser trusts. That's how the websites prove that they are who they say. Show a webbrowser's CA list.
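Review bot: in the Signing list, the re-added line "Show that the padlocks have a second function. If you use first the secret key" still ends mid-sentence, so the step that explains how signing works has no conclusion; finish the sentence while these lines are being touched. The lines rewritten here also keep their typos ("reciever", "recieves", "bo", "aand decrpyt", "veryfies", "trus", and lowercase "alice's"), which could be corrected in the same change because every one of them is already a `+` line. Since the only purpose of the change is to turn the `**` items into nested bullets, check the rendered README to confirm the new ` * ` items are indented far enough to nest under their parent item rather than appear as siblings; the leading whitespace cannot be judged from this view of the patch.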