author | Lars Wirzenius <liw@liw.fi> | 2021-12-07 08:07:45 +0000 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2021-12-07 08:07:45 +0000 |
commit | 91956b3dac18194dc96c2707656bdb22b3f4faa7 (patch) | |
tree | 08a818bf30eb1305e38347909b34f4a9db17eef7 | |
parent | ef744da4b91576f611f31d1573994d89a7b72546 (diff) | |
parent | 79630cb89ba370effd80b83488af73ba22671079 (diff) | |
download | sq-user-guide-91956b3dac18194dc96c2707656bdb22b3f4faa7.tar.gz |
Merge branch 'diagrams' into 'main'
style: use pikchr markup for diagrams of PK communication
See merge request sequoia-pgp/sq-user-guide!17
-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | sq-guide.md | 44 |
2 files changed, 31 insertions, 15 deletions
@@ -1,4 +1,4 @@ -PANDOCOPTS = --standalone --number-sections --toc --toc-depth=2 "-Vdate=$(shell git describe)" +PANDOCOPTS = --standalone --number-sections --toc --toc-depth=2 "-Vdate=$(shell git describe)" --filter pandoc-filter-diagram HTMLOPTS = -H sq.css .SUFFIXES: .md .html .pdf diff --git a/sq-guide.md b/sq-guide.md index 2069c86..2c1d8e0 100644 --- a/sq-guide.md +++ b/sq-guide.md @@ -293,12 +293,22 @@ follows. Say Alice wants to send a confidential message to Bob. She encrypts the message using Bob's public key, sends him the encrypted message, and Bob decrypts it using his private key: -```text - Alice | Internet | Bob - | | - Encrypt Message | | Decrypt Message - with Bob's ---> Encrypted Message ---> with Bob's - Public Key | | Private Key +```pikchr +right +A: oval "Alice" +arrow +I: circle radius 2cm "Internet" +arrow +B: oval "Bob" + +move down 0.5cm from A.s +text "encrypt" small "message" small "with Bob's" small "public key" small + +move down 0.5cm from I.s +text "encrypted" small "message" small + +move down 0.5cm from B.s +text "decrypt" small "message" small "with Bob's" small "private key" small ``` How Alice sends the message to Bob doesn't matter. Someone who @@ -392,10 +402,13 @@ way: if Bob can authenticate Alice's key, and a message is signed using Alice's key, then Bob can be confident that the message really came from Alice. -``` - | | - Mallory ---> Message from "Alice" ---> Bob - | | +```pikchr +right +oval "Mallory" +arrow +file width 2.5cm "Message" "from" "\"Alice\"" +arrow +oval "Bob" ``` The second problem, interception, is more subtle and can't be solved 
@@ -415,10 +428,13 @@ even fool Bob by reencrypting it using Bob's real certificate, and forwarding that version to Bob. Bob will be able to decrypt the message as usual and won't suspect a thing! -``` - | | - Alice ---> Message ---> Mallory ---> Message ---> Bob - | | +```pikchr +right +oval "Alice" +arrow 3cm "Encrypted" below "message" below +oval "Mallory" +arrow 3cm "Re-encrypted" below "message" below +oval "Bob" ``` The only practical way to prevent this type of attack is to |
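Review bot: the `--filter pandoc-filter-diagram` option added to PANDOCOPTS in the Makefile makes the build depend on an extra tool, and the diffstat shows only Makefile and sq-guide.md changing, so nothing in this merge tells a builder that the filter has to be installed. Suggest documenting the prerequisite in the build instructions, or adding a Makefile check that fails with a clear message when the filter cannot be found.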
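Review bot: in the sq-guide.md hunk at -293 the two `arrow` lines carry no label and "encrypted message" sits under the Internet circle, while the hunk at -415 labels the arrows themselves (`arrow 3cm "Encrypted" below "message" below`). The label casing differs as well: lowercase "encrypt" and "encrypted" here, capitalised "Encrypted" and "Re-encrypted" there. Suggest one convention across the three diagrams so the reader sees what travels on each hop in the same way.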
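Review bot: in the sq-guide.md hunk at -415 the arrows are labelled only "Encrypted message" and "Re-encrypted message", so the diagram does not show which certificate each leg is encrypted to, and that is the point of the interception paragraph: the context line says Mallory re-encrypts "using Bob's real certificate". Suggest naming the certificate on each arrow. The context line also spells the word "reencrypting" while the new label reads "Re-encrypted"; use one spelling.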