Akeni Logo
首页 产品 下载 购买 论坛 支援 联络
Digital Certificates

Many Peer-to-Peer LAN messenger systems claim that they support encryption, but there is little security when that encryption is done without the use of digital certificates.

There are two major problems associated with using encryption in a P2P system without digital certificates (note that systems with a centralized server such as Akeni Pro Messenger does not have these problems.)

The first problem is that there is no authentification. The message itself is encrypted, but how does alice know that the message really came from bob and not from carol? Digital certificate solves that problem because the certificate ensures that a message really did come from bob.

The second problem is that encryption done without certificate is open to the so called man-in-the-middle-attack. In this form of attack an intruder can insert him/herself between two users, intercepting their messages, listening to their conversation and even tampering with the message.

Using encryption without digital certificate is a bit like sending letter in an sealed envelop without a wax seal. All one knows that the letter has arrived in an sealed envelop, but there is no guarantee that someone have not opened the original envelop, read the message, and then put the letter and sealed it in a new envelop.