kbin.life

Varen , 11 months ago to explainlikeimfive in How is the Recipient the Only One Able to Decrypt End to End Encryption?

With asymmetric encryption there are 2 keys - 1 is public (= everyone can look it up) and 1 is private (only the receiver has that key). Those are mathematically related.
When I send a message, I use the receivers Public key to encrypt the message - so that message is only decryptable with the private key, so the recipient alone can decrypt it.

Karlos_Cantana OP , 11 months ago

How is the recipient the only one with a private key? If the key is sent with the message, then how does it determine the recipient? Couldn’t someone spoof the recipient’s credentials? What credentials are used to determine the proper recipient?

Varen , 11 months ago

The private key never leaves the one it belongs to - if it does, then the encryption isn‘t secure anymore. If keys are sent, then the public ones, which are ‚public‘ (e.g. let me send you my public key, so you can send encrypted messages to me).

When you create a key pair, you get which the private and which the public one is. Keep your private key, private and you‘re the only holdener.

For advanced security, the messages (e.g. E-Mails) are secured on top with TLS, which encrypts the message on its way. If there‘s a man-in-the-middle attack, he would just see the encrypted message with no key to decrypt it.

moody , 11 months ago

Imagine a lock that requires 2 keys to work. One, the public key, can only lock it. The other, the private key, can only unlock it.

It’s safe to share the public key since anything it locks can only be opened with the private key. So every interaction you have that needs to be kept hidden, you send out a copy of your public key, and only your private key allows you to read the message.

Credentials are irrelevant. If you need to communicate with someone else, you send your key, they send theirs back. Anything you lock with their public key, only their private key will access.

HopFlop , 4 months ago

Lets say we wanna talk. I keep a private decryption key and send you a (public) encryption key. Everyone now knows how to encrypt a message for me but nobody, not even you, can read it. The decryption ley is NEVER SENT and kept secret, the encryption key is public but can never decrypt anything.

intensely_human , 3 days ago

The recipient is the only one with the private key because they generate the private key (simultaneously with the public key) on their own computer and then they don’t give anyone else a copy.

There is no mechanism per se that ensures only the recipient receives the encrypted message. But only someone with the private key can decrypt it.

chillbo_baggins , 3 days ago to science_memes in scan scam

Pretty sure a PET scan is when your dog smells your brain for colors

kandoh , 3 days ago to nostupidquestions in If you kill someone who happens to be an organ donor, which leads to someone receiving a lifesaving organ, are you really a killer?

Is it morally wrong not to kill organ donors?

I say yes

Aviandelight , 3 days ago to patientgamers in Monthly Recommendations Thread: What are you playing?

Cult of the Lamb and No Man’s Sky.

slazer2au , 11 months ago to explainlikeimfive in How is the Recipient the Only One Able to Decrypt End to End Encryption?

You are talking about the Alice and Bob situations.

Alice has a pair of keys. Private and public.

Bob has a pair of keys private and public.

Bob and Alice swap public keys.

Alice uses bobs public key to encrypt a message, when Bob receives the message he uses his private key to decrypt the message.

The private keys that do the decryption are never swapped. Only the public key are swapped which allow encryption.

If some else has bobs public key, they can not decrypt a message because the key they intercepted is used for encryption.

There is also another method called a Diffie-Hellman exchange. Where Bob and allice still swap public keys but Bob uses his private key and allices public key to do a maths equation to get a secret. Allice will use her private key and bobs public key doing the same math equations will result in the same number.

So the secret was never shared between them they both did the same equation and came to the same result.

morphballganon , 4 months ago

With Diffie-Hellman, wouldn’t the two private keys need to be the same to give the same result?

slazer2au , 4 months ago

No. The wiki article explains it better than I can.

en.m.wikipedia.org/…/Diffie–Hellman_key_exchange

intensely_human , 3 days ago

The two private keys represent two channels of information flow. One channel for each direction.

When Alice talked to Bob, they’re using Bob’s keys. When Bob talks to Alice, they’re using Alice’s keys.

If it’s a “two-way” conversation, that’s just two separate one-way channels being combined at the end into what seems like a single, two-way channel.

FlyingSquid , 4 days ago to lemmyshitpost in Stretching

To the person who flagged this NSFW because of the language, you probably will not last long on Lemmy if “clit” and “dick” (misspelled) are too not safe for where you work.

Katana314 , 4 days ago

If we can’t say dick it makes it hard to discuss my favorite detective in the Ace Attorney series.

FlyingSquid , 4 days ago

NSFW since 1948:

https://lemmy.world/pictrs/image/37323e92-257d-4890-ab10-4834d1f06098.png

And I’m sorry the shortened form of a medical term for a part of the human anatomy is too harsh a thing for certain sensitive eyes.

CaptainKickass , 4 days ago

What medical term is that?

FlyingSquid , 4 days ago

Seriously?

en.wikipedia.org/wiki/Clitoris (Now that link is NSFW.)

RubyRhod , 4 days ago

Holy hell that’s a good looking vagina.

CaptainKickass , 4 days ago

Thought you were defending the other word used

Try saying both of those words to a coworker or customer and let me know how SFW the meme is

FlyingSquid , 4 days ago

Try not looking at shitposts if your coworkers and customers can’t handle scary words considering the community is called Lemmy SHITpost.

CaptainKickass , 3 days ago

Or figure out what NSFW means, I guess 🤷

Are you that bad at social interactions?

Oh noes, scawy words 😘

FlyingSquid , 3 days ago

No one is saying those words to coworkers. They’re looking at a meme with words that really aren’t that bad in a forum with shit in the title and complaining about words on a screen that aren’t appropriate at work. Like the word shit.

Track_Shovel OP , 4 days ago

Doing the Lord’s work Squidward

Landless2029 , 3 days ago to linux in Need an RDP client compatible with AVD

I specialize in Azure admin.

Sounds like this might be by design to ensure secure connections.

Using AVD as a bastion replacement.

Only option with similar security would be VPN into the vnet and just ssh normally.

1. AVD as a jumpbox
2. Bastion (costly solution)
3. VPN then SSH/RDP

haerrii , 3 days ago to lemmyshitpost in Youtube ads attacking different today..

It’s the same people, only the rules are different

sentientity , 3 days ago to youshouldknow in YSK how to spot Love Bombing

Information that should be taught in school heath classes. It makes me queasy how often I have seen this from organizations and unscrupulous people in the wild. Happens a lot on campuses and wherever a lot of people are ‘new’ to an area or otherwise vulnerable socially. Predatory shit.

intensely_human , 3 days ago to explainlikeimfive in How is decentralized social media more private if all the data is public and shared?

It’s not more private. It’s more free. Meaning it’s harder to cut someone’s voice out of the conversation, because the conversation is administered across many different instances.

Moorcroftia , 3 days ago to pics in Olympic gymnast Giorgia Villa is sponsored by parmesan and takes many photos with a wheel of cheese

Has reality got so bad that it is now aping Ai?

the_toast_is_gone , 3 days ago to lemmyshitpost in Living in interesting times

You think you do, but you don’t.

skulblaka , 5 days ago to memes in Virgin nihilism vs Chad absurdism

Someone who comes here today will be happy to see this. I was, and I hope you are too. Exurb1a is just a treat, check out his other work too.

the_post_of_tom_joad , 5 days ago (edited 3 days ago)

Thank you, one of those someones is me. Now i have a new dude to peep (and i should read camus).

Edit for the void: one page into ‘The Plague’ and I’m getting chills.

LowleeKun , 3 days ago

Thanks. This video is gold. I watched it a year ago but this is something i should rewatch once in a while.

Strit , 14 days ago to linux in Which CLI app/utility you wish there was a GUI for?

I’d love supported GUI apps for pacman and systemd. I know there are GUI’s out there for them, but they are not supported by the main project, so they don’t count.

mfat OP , 14 days ago

Yeah I think a good GUI for systemd will be super useful even for people comfortable with command line.

Sometimes you need an overview of what is running on the system.

JetpackJackson , 14 days ago

There’s a TUI called sysz for systemd stuff, but I haven’t found a true GUI

refalo , 13 days ago

github.com/KDE/systemdgenie

github.com/hardpixel/systemd-manager

cockpit-project.org

JetpackJackson , 13 days ago

TIL! thanks!

corsicanguppy , 13 days ago

Systemd’s problems won’t be solved with a GUI. Now that lennart’s gone to Microsoft we can hope they upgrade in rhel10 or 11 to upstart or sysv.

refalo , 13 days ago

github.com/KDE/systemdgenie

github.com/hardpixel/systemd-manager

cockpit-project.org

sparr , 13 days ago

Why don’t they count? The systemd interface has been stable for a decade.

Strit , 13 days ago

They don’t count for me, because I can’t get support from the main project if it has a bug.

sparr , 3 days ago

You can’t get support from lemmy.linuxuserspace.show or any other website if there’s a bug in your web browser. You can’t get support from gmail or protonmail or any other mail provider if there’s a bug in your email client. It’s awful how much people have come to assume that clients and servers must and always come from the same provider.

morgunkorn , 3 days ago (edited 3 days ago) to technology in Blocking AI bots from Microsoft, others has been “pain in the a**”: Reddit CEO | Huffman says companies must pay to scrape Reddit data even though Reddit itself relies on free, user-generated content

Honestly, any platforms hosting user-generated content who use the legal argument that they only provide hosting and aren’t responsible for what their user post shouldn’t also be able to sell the same data and claim owning any of it.

Otherwise, take away their legal immunity. Nazis or pedophiles post something awful? You get in front of the judge.

edit: typo

aramis87 , 3 days ago

Good point!

givesomefucks , 3 days ago

Can’t sell something you don’t own.

So if they’re selling the parts people want, they need to own the parts no one wants.