Vocler, 2020-06-13 17:39:14

What prevents a MITM attack in E2E chats?

As far as I know, E2E encryption in modern messengers is generally implemented as follows:

1. Users generate a public-private key pair
2. Users send public keys to each other (through the server, of course)
3. Users encrypt sent messages with someone else's public key and decrypt received messages with their own private key.

What prevents the messenger server in this scheme from replacing public keys with its own and carrying out a MITM attack?

Yes, I understand that enthusiasts can contact each other via an independent channel and see that the generated and received public keys differ, but the server can carry out such attacks not on everyone indiscriminately, but only on individuals of interest to it.


4 answer(s)
Armenian Radio, 2020-06-13
@gbg

Nothing interferes. For E2E to work, it is necessary to verify public keys in a trusted way.

Dr. Bacon, 2020-06-13
@bacon

For example, when calling in Telegram, they offer to check the set of emojis shown, i.e. this is a fingerprint check of the key.
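
The key verification the answers above refer to, as an added example that is not part of the original thread and is not any messenger's actual algorithm: each user derives a short code from the two public keys it holds, and a key swapped by the server shows up as a mismatch when the codes are compared over an independent channel. Random bytes stand in for real public keys, and `Server`, `verification_code` and the user names are hypothetical.

```python
import hashlib
import secrets

def new_public_key() -> bytes:
    # Constructed stand-in: 32 random bytes in place of a real public key.
    return secrets.token_bytes(32)

def verification_code(my_key: bytes, their_key: bytes) -> str:
    """Short code each user derives locally from the two public keys it holds.
    Sorting makes both sides hash the same bytes when nothing was swapped."""
    first, second = sorted((my_key, their_key))
    digest = hashlib.sha256(b"chat-key-check-v1" + first + second).digest()
    text = f"{int.from_bytes(digest[:10], 'big') % 10**20:020d}"
    return " ".join(text[i:i + 5] for i in range(0, 20, 5))

class Server:
    """Relays public keys; swaps in its own key only for targeted users."""
    def __init__(self, targets=()):
        self.targets = set(targets)
        self.own_key = new_public_key()
        self.directory = {}

    def register(self, user, public_key):
        self.directory[user] = public_key

    def lookup(self, requester, peer):
        if requester in self.targets or peer in self.targets:
            return self.own_key          # substituted key (MITM)
        return self.directory[peer]      # honest relay

def codes_match(server, keys, a, b) -> bool:
    """Each side computes the code from its own key and the key the server
    handed it; the users then compare the codes over an independent channel."""
    code_a = verification_code(keys[a], server.lookup(a, b))
    code_b = verification_code(keys[b], server.lookup(b, a))
    return code_a == code_b

def demo():
    keys = {name: new_public_key() for name in ("alice", "bob", "carol")}
    server = Server(targets={"carol"})   # selective substitution for one user
    for name, key in keys.items():
        server.register(name, key)
    return {
        ("alice", "bob"): codes_match(server, keys, "alice", "bob"),
        ("alice", "carol"): codes_match(server, keys, "alice", "carol"),
    }

if __name__ == "__main__":
    print(demo())
```

The check only helps the pairs that actually compare codes: the substitution for the targeted user stays invisible to anyone who skips the comparison.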

CityCat4, 2020-06-13
@CityCat4

Nothing interferes :)
That's why they say that all this security is exaggerated. It may be security from a third party, but not from the chat admins.

KoreanGuy, 2020-08-03
@KoreanGuy

I'm not an expert, but I'm sure that's not how it works. Asymmetric cryptography in general is mainly used for signatures, and not for encryption itself. For E2E, as well as for TLS, one of the Diffie-Hellman variations is most likely used.
