There’s a server, a client, and a hacker in a network. For encryption, the client and the server need to share their private keys. Wouldn’t the hacker be able to grab those during their transmission and decrypt further messages as they please?
I don't think DH is accurately relating to this. DH key exchange is used to generate a shared secret to use symmetric cryptography by two entities from (generally temporary) private keys, which are not specifically associated with a public key (this is not a public/private key pair)
To me, two examples of public/private key usage are RSA (asymmetric cryptography) and for example SSH authentication with a key pair. DH key exchange can be used in SSH to encrypt communication, before authentication even begins
Published in 1976 by Diffie and Hellman, this is the earliest publicly known work that proposed the idea of a private key and a corresponding public key.
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
For encryption, the client and server need to share their private keys.
This is incorrect, for asymmetric (public-private) encryption. You never, ever share the private key, hence the name.
The private key is only used on your system for local decryption (someone sent a message encrypted with your public key) or for digital signature (you sign a document with your private key, which can be validated by anyone with your public key).
For the server, they are signing their handshake request with a certificate issued by a known certificate authority (aka, CA, a trusted third party). This prevents a man-in-the-middle attack, as long as you trust the CA.
The current gap is in inconsistent implementation of Organization Validation/Extended Validation (OV/EV), where an issuer will first validate that domains are legitimate for a registered business. This is to help prevent phishing domains, who will be operating with TLS, but on a near-name match domain (www.app1e.com or www.apple.zip instead of www.apple.com). Even this isn’t perfect, as business names are typically only unique within the country/province/state that issues the business license, or needed to be enforced by trademark, so at the end of the day, you still need to put some trust in the CA.
Great question: it's called asymmetric cryptography for a reason.
The key pair is built by the person wanting to receive private messages. The public part is made public an can be used to encrypt messages to the owner of the private key. Without it you cant read the contents.
As this method is not really performance friendly, thus method is usually used to establish a symmetric encryption key for both parties that can't be intercepted this way.
In fact: if the attacker can switch out the public key for his own during transfer, he can use it to decrypt the messages and relay them to the first party, thereby revealing all the messages. This is called a man-in-the-middle attack. This is why authentication of the key is so important. This is usually done via a trusted third party.
Sorry to be so short, I hope I have given you enough words to Google for further reading.
Great question. Modern encryption schemes are usually composed of a handful of primitives. If we consider something like HTTPS it uses both asymmetric and symmetric parts.
Asymmetric encryption is the "magic" that you are missing. Asymmetric encryption algorithms create a keypair, one half of this is the "public key" which can be used to encrypt messages that can only be decrypted by the "private key". This means that even if the public key is public (as the name suggests) the messages can't be decrypted without the private key.
You can think of this as giving someone an open padlock. They can put something inside a box and lock it using the padlock, but they can't open it without your key.
Using this you could come up with a very simple protocol for establishing a secure channel:
- The server sends you their public key, along with a certificate that proves that it belongs to them.
- The client then uses this public key to encrypt a key for symmetric encryption.
- The client sends this encrypted key to the server.
- The server decrypts the key.
- Now the client and server can both use the shared key to communicate.
(Note: There are many missing features from this system, but I think it illustrates the point. Don't design your own crypto.)
