diff options
Diffstat (limited to 'sq-guide.md')
| -rw-r--r-- | sq-guide.md | 44 |
1 files changed, 30 insertions, 14 deletions
diff --git a/sq-guide.md b/sq-guide.md index 2069c86..2c1d8e0 100644 --- a/sq-guide.md +++ b/sq-guide.md @@ -293,12 +293,22 @@ follows. Say Alice wants to send a confidential message to Bob. She encrypts the message using Bob's public key, sends him the encrypted message, and Bob decrypts it using his private key: -```text - Alice | Internet | Bob - | | - Encrypt Message | | Decrypt Message - with Bob's ---> Encrypted Message ---> with Bob's - Public Key | | Private Key +```pikchr +right +A: oval "Alice" +arrow +I: circle radius 2cm "Internet" +arrow +B: oval "Bob" + +move down 0.5cm from A.s +text "encrypt" small "message" small "with Bob's" small "public key" small + +move down 0.5cm from I.s +text "encrypted" small "message" small + +move down 0.5cm from B.s +text "decrypt" small "message" small "with Bob's" small "private key" small ``` How Alice sends the message to Bob doesn't matter. Someone who @@ -392,10 +402,13 @@ way: if Bob can authenticate Alice's key, and a message is signed using Alice's key, then Bob can be confident that the message really came from Alice. -``` - | | - Mallory ---> Message from "Alice" ---> Bob - | | +```pikchr +right +oval "Mallory" +arrow +file width 2.5cm "Message" "from" "\"Alice\"" +arrow +oval "Bob" ``` The second problem, interception, is more subtle and can't be solved @@ -415,10 +428,13 @@ even fool Bob by reencrypting it using Bob's real certificate, and forwarding that version to Bob. Bob will be able to decrypt the message as usual and won't suspect a thing! -``` - | | - Alice ---> Message ---> Mallory ---> Message ---> Bob - | | +```pikchr +right +oval "Alice" +arrow 3cm "Encrypted" below "message" below +oval "Mallory" +arrow 3cm "Re-encrypted" below "message" below +oval "Bob" ``` The only practical way to prevent this type of attack is to |