Not at all, there's no man-in-the-middle issue at all because the
certificates which are issued by a trusted TP guarantee the ownership of the
public key.

The logic goes like this:

You generate a random DES key known only to you. Let's call this KDE.

You use this to encrypt the data. Let's call this E(Data)KDE.

You encrypt KDE under the recipient's Public Key which you know to be his
because it is certified by a CA. Let's call this E(KDE)PUBK.

You send E(Data)KDE and E(KDE)PUBK to the recipient.

...over a secure channel?

If not, E(KDE)PUBK is nothing but DES using key=pubk and data=kde.
Are you saying DES is a one-way hash function? AFAIK it is not, so if you know pubk, you can get kde too.




The only person who can decrypt KDE is the recipient, as they are the only person who has the private key that goes with their public key. The recipient decrypts E(KDE)PUBK using their private key, thus retrieving KDE; this can in turn be used to decrypt E(Data)KDE.

No possibility of a MIM attack because you get the recipient's PUBK from a
certificate digitally signed by the CA's private key, and the validity of
this can be checked using the CA's certificate.

Now of course if we didn't have certificates, then this all falls apart.

Get yourself a copy of Bruce Schneier's "Applied Cryptography" (ISBN
0-471-11709-9) and read it.

good idea :)

-thanks!




______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
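
The exchange described in the thread above, run with the `openssl` command line as an added example that is not part of the original messages. It shows that E(KDE)PUBK is a public-key operation, so holding PUBK does not recover KDE. Assumptions: the file and function names are hypothetical, AES-256-CBC stands in for the thread's DES, RSA-OAEP is used for the key wrap, and `pub.pem` is taken to come from a certificate already validated against the CA.

```shell
# Added example; file and function names are hypothetical.
# AES-256-CBC replaces the thread's DES; RSA-OAEP does the key wrap.

# Recipient: RSA key pair. Only pub.pem is shared (assumed here to have
# been taken from a certificate already verified against the CA).
make_recipient_keys() {      # $1 = work dir
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/priv.pem" 2>/dev/null &&
    openssl pkey -in "$1/priv.pem" -pubout -out "$1/pub.pem"
}

# Sender: random session key KDE, then E(Data)KDE and E(KDE)PUBK.
hybrid_encrypt() {           # $1 = work dir, $2 = plaintext file
    openssl rand -hex 32 > "$1/kde.hex" &&
    openssl rand -hex 16 > "$1/iv.hex" &&
    openssl enc -aes-256-cbc -K "$(cat "$1/kde.hex")" \
        -iv "$(cat "$1/iv.hex")" -in "$2" -out "$1/data.enc" &&
    openssl pkeyutl -encrypt -pubin -inkey "$1/pub.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/kde.hex" -out "$1/kde.enc" &&
    rm -f "$1/kde.hex"       # only data.enc, kde.enc and iv.hex are sent
}

# Recipient: unwrap KDE with the private key, then decrypt the data.
hybrid_decrypt() {           # $1 = work dir; plaintext goes to stdout
    kde=$(openssl pkeyutl -decrypt -inkey "$1/priv.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/kde.enc") || return 1
    openssl enc -d -aes-256-cbc -K "$kde" -iv "$(cat "$1/iv.hex")" \
        -in "$1/data.enc"
}

# Observer holding kde.enc and pub.pem only: the unwrap must fail.
unwrap_with_public_key() {   # $1 = work dir
    openssl pkeyutl -decrypt -pubin -inkey "$1/pub.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/kde.enc" 2>/dev/null
}

demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed sample message\n' > "$d/plain.txt"
    make_recipient_keys "$d" && hybrid_encrypt "$d" "$d/plain.txt" || return 1
    echo "recipient recovers: $(hybrid_decrypt "$d")"
    unwrap_with_public_key "$d" >/dev/null ||
        echo "public key alone cannot unwrap KDE"
    rm -rf "$d"
}
demo
```

The IV travels in the clear beside the ciphertext; only KDE needs the public-key wrap.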