Akeni Logo
首頁 產品 下載 購買 論壇 支援 聯絡
Digital Certificates

Many Peer-to-Peer LAN messenger systems claim that they support encryption, but there is little security when that encryption is done without the use of digital certificates.

There are two major problems associated with using encryption in a P2P system without digital certificates (note that systems with a centralized server such as Akeni Pro Messenger does not have these problems.)

The first problem is that there is no authentification. The message itself is encrypted, but how does alice know that the message really came from bob and not from carol? Digital certificate solves that problem because the certificate ensures that a message really did come from bob.

The second problem is that encryption done without certificate is open to the so called man-in-the-middle-attack. In this form of attack an intruder can insert him/herself between two users, intercepting their messages, listening to their conversation and even tampering with the message.

Using encryption without digital certificate is a bit like sending letter in an sealed envelop without a wax seal. All one knows that the letter has arrived in an sealed envelop, but there is no guarantee that someone have not opened the original envelop, read the message, and then put the letter and sealed it in a new envelop.