CRYPTO NEWS

Ethereum News today (03.08.2022)

Do digital signatures without contextual information protect you against signed messages replay attacks?

Consider this scenario: A signs a message to B using A’s private key. A then encrypts the signed message with B’s public key. A sends both plaintext and encrypted message to B so that B can verify. B receives the messages from A. B decrypts the signed message using B’s private key and verifies that::Listen

Consider this scenario:

  • A signs a message to B using A’s private key. A then encrypts the signed message with B’s public key. A sends both plaintext and encrypted message to B so that B can verify.

  • B receives the messages from A. B decrypts the signed message using B’s private key and verifies that the plaintext message indeed comes from A.

  • B then encrypts A’s signed message with C’s public key and sends it to C.

In this case, there is no way C can detect that it was B who sends the message to them. They will (mistakenly) think that it is A who sent the message right (Unless there is some other contextual information in the signed signature like timestamps or sequence number)?

Ethereum News today (03.08.2022)

Shopping cart
There are no products in the cart!
Continue shopping
0