Is this a sensible scheme for 2-way client/server communication?
Question
Is this a sensible scheme for 2-way client/server communication? A client connects to a server. The server and client both generate RSA keys, and send over the public ones to each other. If the client wants to send a message, they encrypt it with the server's public key, send it over, and the server decrypts it. Vice versa with server -> client.
Does this make sense? Presumably breaking this is equivalent to breaking RSA, right? Is something like this ever used in practice? If not, what do alternatives do better?
Explanation / Answer
The scheme you described is not a sensible scheme for 2-way client/server communication.
The new RSA public keys are not authenticated, so you are not safe against active attackers, who could intercept the connection (or replace one of the partners). Those could read all the content and/or replace it with their own.
If you were using authenticated public keys (e.g. via certificates), privacy would be provided (i.e. an attacker couldn't read messages). But your messages have no authentication, and an active attacker could replace messages with their own, insert their own, or drop messages.
You are using "ephemeral RSA key pairs" for each connection
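The two failure modes the answer describes, simulated end to end as an added example (this is not code from the question or the answer). RSA is implemented here as textbook RSA with tiny fixed primes, encrypting one byte per block; those parameters, the party names and the message strings are assumptions for illustration only, and nothing here is usable as real cryptography. The point is to show what an active attacker can do when the exchanged public keys are unauthenticated, and what they can still do once keys are authenticated but messages are not.

```python
"""Toy simulation of the two-way RSA scheme from the question with an active
attacker in the middle.  Textbook RSA with tiny fixed primes (assumed for the
demo), one byte per RSA block.  Illustration only, never real cryptography."""

from math import gcd


def gen_keypair(p, q, e):
    """Textbook RSA keypair from two distinct primes (toy sizes, assumed)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "public exponent must be coprime to phi(n)"
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return (n, e), (n, d)


def encrypt(pub, msg: bytes) -> list:
    """Encrypt each byte separately (toy; real RSA uses padding like OAEP)."""
    n, e = pub
    return [pow(b, e, n) for b in msg]


def decrypt(priv, ct: list) -> bytes:
    n, d = priv
    return bytes(pow(c, d, n) for c in ct)


# Fixed toy parameters (assumed): distinct moduli so each party's key differs.
CLIENT_PUB, CLIENT_PRIV = gen_keypair(61, 53, 17)
SERVER_PUB, SERVER_PRIV = gen_keypair(101, 103, 7)
MITM_PUB, MITM_PRIV = gen_keypair(89, 97, 5)


def honest_exchange(msg: bytes) -> bytes:
    """No attacker: the key the client received really is the server's."""
    received_pub = SERVER_PUB
    return decrypt(SERVER_PRIV, encrypt(received_pub, msg))


def mitm_exchange(msg: bytes, replacement: bytes):
    """Unauthenticated key exchange: the attacker swaps in their own public key
    on both legs, so they can read the client's message and send the server
    whatever they like.  Returns (what the attacker read, what the server got)."""
    # 1. Key exchange: the attacker forwards MITM_PUB in place of each real key.
    client_sees = MITM_PUB  # client believes this is the server's key
    server_sees = MITM_PUB  # server believes this is the client's key (unused here)
    # 2. Client -> server message, encrypted to the attacker's key, intercepted.
    ct_from_client = encrypt(client_sees, msg)
    read_by_attacker = decrypt(MITM_PRIV, ct_from_client)
    # 3. Attacker re-encrypts a replacement under the server's real public key.
    ct_to_server = encrypt(SERVER_PUB, replacement)
    received_by_server = decrypt(SERVER_PRIV, ct_to_server)
    return read_by_attacker, received_by_server


def injection_with_authenticated_keys(msg: bytes, injected: bytes) -> bytes:
    """Keys pinned or certified: the attacker cannot read the client's message
    (no SERVER_PRIV), but since encryption needs only the public key, they can
    drop the real ciphertext and substitute one of their own.  The server has
    no way to tell the two apart because nothing binds a message to its sender."""
    ct_from_client = encrypt(SERVER_PUB, msg)  # attacker drops this on the floor
    ct_injected = encrypt(SERVER_PUB, injected)
    return decrypt(SERVER_PRIV, ct_injected)


if __name__ == "__main__":
    order = b"transfer 10 to bob"
    print("honest:", honest_exchange(order))
    seen, got = mitm_exchange(order, b"transfer 10 to eve")
    print("mitm read:", seen, "| server got:", got)
    print("injected:", injection_with_authenticated_keys(order, b"delete all logs"))
```

Run it with Python 3.8 or newer. The `mitm_exchange` path is the first objection in the answer (unauthenticated keys: full read and rewrite), and `injection_with_authenticated_keys` is the second (authenticated keys fix confidentiality, but without a signature or MAC the server still accepts any ciphertext anyone produces under its public key).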