Will this method work if Alice and Bob don't know each other?
What could Eve do if she were impersonating one of them? What if she were "in the middle", that is, what if Bob thought Eve was Alice and Alice thought Eve was Bob?
Answer:
Eve could establish a secret with both Alice and Bob. Since Eve knows N and P, she could pick her own secret exponent E and could act as Bob to Alice and as Alice to Bob. Here how Eve would do this:
- Eve computes L = NE (mod P).
- When Alice sends out J = NA (mod P), Eve
intercepts it (J never reaches Bob, and neither Bob nor Alice know this fact). In addition, when Bob sends out K = NB (mod P), Eve intercepts K.
- Eve then sends L to Alice AND Bob. Eve at this point has duped Alice into believing that L is from Bob, and she has duped Bob into believing that L is from Alice.
- Alice proceeds as usual (mistakenly thinking that L is from Bob) and
calculates LA (mod P). Bob also proceeds as usual
(mistakenly thinking that L is from Alice) and calculates LB
(mod P).
- Alice then thinks that her result is her shared secret with Bob, even though it's really a "shared secret" with Eve!
[Keeping track of things, Alice and Eve's shared secret number is
NAE (mod P).]
Bob thinks the same thing
[Bob and Eve have the different shared number of NBE (mod P)].
- Now, when Alice sends Bob a message using what she thinks is their secret, Eve is able to decipher the message from Alice, read it, and encipher it again to send to Bob. Bob and Alice are none the wiser, and Eve reads all of their correspondence! Yikes!