In the case of signal, it is provable that it cannot. They do not hold the keys to decrypt. The closest risk is the server injecting a new public key into the conversation, which the Signal app will warn about.
Signal does hold the public keys for every user. But having the public key doesn’t let you decrypt anything. You need the private key to decrypt data encrypted with the public key. So in a chat example, if you and I exchange public keys, I can encrypt the message using your public key, but only you can decrypt it, using your private key.
Signal does run the key exchange, which means they could hand a user the wrong public key, a public key which they have the private key for, instead of the other person’s. That is a threat model for this type of communications, however, signal users can see the key thumbprints of their fellow chat participants and verify them manually. And once a chat has begun, any changes to that key alerts all parties in the chat so they know a change has happened. The new key wont have access to any previous or pending messages, only new ones after the change took place.
I mean I still don’t see how it can be encrypted for a private key with the deryption at some point running through the server unless the members devices at some point communicate with each other without the server as an intermediary. Is that what happens at some point?
The way they explained things is how it works, do you not understand how public/private key pairs are used in encrypted communications?
Does this picture help?
I’m not trying to be an ass if my post comes across that way, I’m just unsure of your level of knowledge so I don’t want to offend by providing basic level info if it’s not wanted.
my experience with public/private keys is ssh where I have logins in both places and I login without keys and move it to the .ssh file. That is what gets me. how is the key moved over for communication and if the server moves it then it could theoretically hold onto it. So in the picture above it takes the public key in step 2 and sends it on in step 3 which is used to encrypt the message. I just don’t see how the public key in that case can encrypt the message but not decrypt it.
An encrypted message requires the key pair to decrypt. So if I’m sending you a message I use your public key to encrypt, then you use your private key to decrypt. Only you have your private key. If I were going to sign something, rather than encrypt it, I would use my private key, then everyone could verify it was me by using my public key.
yeah I just don’t see how you can encrypt something with a key and not be able to decrypt it with the same key (I looked at the khan academy thing and have seen others. I never got the math around it).
I think we are more talking about can the server decrypt the data. Not that the data is encrypted.
In the case of signal, it is provable that it cannot. They do not hold the keys to decrypt. The closest risk is the server injecting a new public key into the conversation, which the Signal app will warn about.
Yeah I just don’t get this. How does a person added to a chat get keys then?
Signal does hold the public keys for every user. But having the public key doesn’t let you decrypt anything. You need the private key to decrypt data encrypted with the public key. So in a chat example, if you and I exchange public keys, I can encrypt the message using your public key, but only you can decrypt it, using your private key.
Signal does run the key exchange, which means they could hand a user the wrong public key, a public key which they have the private key for, instead of the other person’s. That is a threat model for this type of communications, however, signal users can see the key thumbprints of their fellow chat participants and verify them manually. And once a chat has begun, any changes to that key alerts all parties in the chat so they know a change has happened. The new key wont have access to any previous or pending messages, only new ones after the change took place.
I mean I still don’t see how it can be encrypted for a private key with the deryption at some point running through the server unless the members devices at some point communicate with each other without the server as an intermediary. Is that what happens at some point?
The way they explained things is how it works, do you not understand how public/private key pairs are used in encrypted communications?
Does this picture help?
I’m not trying to be an ass if my post comes across that way, I’m just unsure of your level of knowledge so I don’t want to offend by providing basic level info if it’s not wanted.
my experience with public/private keys is ssh where I have logins in both places and I login without keys and move it to the .ssh file. That is what gets me. how is the key moved over for communication and if the server moves it then it could theoretically hold onto it. So in the picture above it takes the public key in step 2 and sends it on in step 3 which is used to encrypt the message. I just don’t see how the public key in that case can encrypt the message but not decrypt it.
An encrypted message requires the key pair to decrypt. So if I’m sending you a message I use your public key to encrypt, then you use your private key to decrypt. Only you have your private key. If I were going to sign something, rather than encrypt it, I would use my private key, then everyone could verify it was me by using my public key.
https://www.khanacademy.org/computing/computers-and-internet/xcae6f4a7ff015e7d:online-data-security/xcae6f4a7ff015e7d:data-encryption-techniques/a/public-key-encryption
yeah I just don’t see how you can encrypt something with a key and not be able to decrypt it with the same key (I looked at the khan academy thing and have seen others. I never got the math around it).