Question

Suppose Alice and Bob have RSA public keys in a file on a server. They communicate regularly using authenticated, confidential messages. Eve wants to read the messages but is unable to crack the RSA private keys of Alice and Bob. However, she is able to break into the server and alter the file containing Alice's and Bob's public keys.

How should Eve alter that file so that she can read confidential messages sent between Alice and Bob, and forge messages from either?

Answer 1

Step-by-step explanation:

Let's say that Alice's public key is (Ea,Na) and Bob's public key is (Eb,Nb) and registered. For Eve to change the file she could go ahead and create two new keys (Eza, Nza) and (Ezb, Nzb) then she could go on to register these for both Alice and Bob. If she is able to intercept their private conversations, she would be able to undo computation and change it to an encryption that has her own key.