6
donuts
6y

So I was thinking about SSL and trying to understand it (random thought that just came up while eating lunch). I came up with this analogy, not sure if maybe I've heard it before... Is this understanding correct?

A and B want to send letters but make sure no one other than them can get in on the conversation or impersonate them.

Each is able to create a pen and glasses that must be used to see the ink.

So when they first connect, they exchange the pens.

So even if a middle man can duplicate the pen he can't actually read what anyone is saying. And if he tried to write something, the receiver will know it's not sent by the other since it makes no sense. So they then write a new letter and agree to send each other new pens and use new glasses?

Comments
  • 1
    Yeah, I guess you've got the basic core of it down there.

    Your analogy describes public key cryptography really well. Your pens that are exchanged are the public keys and the glasses are the private keys.

    SSL is built on public key cryptography but there are also a lot more things to consider, for your own understanding.

    For example, how can I prove that the pen I got from B is actually from B and not from an evil C?
    Is there a way I (as C) can send random messages to one of you and look at your responses and work out important information? Can I work out what your 'glasses' (private key) look like?

    I think your analogy is good for public key cryptography; SSL is public key cryptography ++
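The "is this pen really from B?" question raised in the comment, as an added example that is not part of the original thread: A only writes with a pen if a third party A already trusts has signed the pair (name, pen), which is the role certificates play in SSL/TLS. It uses textbook RSA with fixed Mersenne primes and no padding so it runs with the standard library only; that is a teaching toy, not usable cryptography, and all names (`make_keypair`, `certify`, `send_to_b`, the `CA_*` keys) are assumptions made for the illustration.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below

def make_keypair(p, q):
    """Textbook RSA from two primes: returns (pen, glasses) = (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))   # private exponent (Python 3.8+)
    return (n, E), (n, d)

def write(pen, text):
    """Encrypt with the recipient's pen (public key). Text must be shorter than n."""
    n, e = pen
    return pow(int.from_bytes(text.encode(), "big"), e, n)

def read(glasses, ink):
    """Decrypt with the matching glasses (private key)."""
    n, d = glasses
    m = pow(ink, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode()

def digest(name, pen, modulus):
    """Hash of 'this pen belongs to this name', reduced to fit the signer's modulus."""
    data = f"{name}|{pen[0]}|{pen[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus

def certify(signer_glasses, name, pen):
    """The trusted party signs (name, pen) with its own private key."""
    n, d = signer_glasses
    return pow(digest(name, pen, n), d, n)

def pen_is_genuine(signer_pen, name, pen, cert):
    """Anyone holding the signer's public key can check the signature."""
    n, e = signer_pen
    return pow(cert, e, n) == digest(name, pen, n)

# Constructed sample keys: a trusted signer, the real B, and the evil C.
CA_PEN, CA_GLASSES = make_keypair(2**107 - 1, 2**127 - 1)
B_PEN, B_GLASSES = make_keypair(2**61 - 1, 2**89 - 1)
C_PEN, C_GLASSES = make_keypair(2**31 - 1, 2**61 - 1)
B_CERT = certify(CA_GLASSES, "B", B_PEN)

def send_to_b(received_pen, received_cert, text):
    """A refuses to write unless the received pen is vouched for as B's."""
    if not pen_is_genuine(CA_PEN, "B", received_pen, received_cert):
        return None
    return write(received_pen, text)
```

Without the `pen_is_genuine` check, A would happily write with whatever pen arrived, and whoever holds the matching glasses could read the letter.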