7

As I understand it, when two systems create a secure SSH tunnel, the first step involves communicating the 'guidelines' for the encryption of that tunnel. If an third system is able to listen in on this initial conversation, wouldn't it be able to decode all of the data that is sent through the tunnel? How is the tunnel secured if the initial conversation is conducted across a public connection?

Hoytman
  • 483
  • 1
  • 6
  • 10
  • I've found that [this analogy](http://security.stackexchange.com/questions/6290/how-is-it-possible-that-people-observing-an-https-connection-being-established-w/6296#6296) has been really helpful in understanding the concept. – asteri Apr 16 '14 at 16:05

2 Answers2

12

Though the question is about SSH, the same concept as in SSL apply, so see this answer which explains it all.

Short summary: it's magic. Asymmetric cryptography magic, to be precise.

Community
  • 1
Thomas Pornin
  • 322,884
  • 58
  • 787
  • 955
  • It is worth mentioning that SSH has not been using [Diffie-Hellman key exchange](http://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange) before v2 and that TLS/SSL also not necessarily is using it but might be (and often is) configured to simply choose a random value at the client as the secret key and send it to the server after encrypting it with the server's public key. This is obviously less secure as the DH key exchange, but is often chosen over DH due to compatibility issues and the higher computational overhead of DH on the server's side. – syneticon-dj Apr 16 '14 at 15:49
  • Interesting, Do SSL certificates and SSH public/private both contain (public) a really large number and (private) the two smaller prime numbers which are multiplied to render the first number? – Hoytman Apr 16 '14 at 16:09
  • The "certificate" stricto sensu contains only the public part; the _private key_ is not part of the "certificate" (but many people use the term "certificate" to designate both the certificate and its private key). And yes, there are big numbers encoded in these objects. – Thomas Pornin Apr 16 '14 at 17:10
2

The good old safe-with-two-locks analogy:

Alice has a safe with a message for Bob. (The message is what you refer to as the 'guidelines' for the encryption of that tunnel).

She locks the safe with the message in it with her lock (and keeps the key).

Bob receives the safe, but cannot open it. Instead, he adds his lock on the safe, and send the safe back to Alice

Alice, now satisfied that the safe is locked with Bob's lock, removes here own lock (with her private key), and send the safe again

Bob receives the safe, with his lock only on it, and can now open it.

This is the basics of how exchanging private information over a public network works, with an asymmetrical key for each participant.

Through this mechanism, Alice and Bob are able to exchange information as to how to establish the encrypted connexion.

Community
  • 1
njzk2
  • 332
  • 2
  • 9