jnrreel.blogg.se - october 2023

Since the packet has been encrypted with the public key Y, the master can decrypt it with the private key of Y and therefore get the “secret symmetric key” W. Computer A has to pass the master, because Computer A and Computer B have a connection to the master and not among each other!

Computer A tries to send the packet to Computer B via the Master.

Computer A generates a symmetric key W, which is required for communication between A and B, and encrypts it with the falsified public key Y, instead of the public key B.

However, the Master does not send the Public Key B, but a falsified Public Key Y to Computer A.

Computer A requests the Public Key B from the Master.

Consider the following, little realistic, but not impossible scenario … Man-in-the-Middle-Attack originating from the TeamViewer Master against both Computers

Wouldn’t that be the master server who knows damn much about A and B and controls all negotiations and transfers. The master receives the public keys from A and B.

Now let’s take a closer look to the establishment of a connection by two computers via TeamViewer. My answer is: Yes, you should think about it.įirst, remember the Public/Private Key and Digital Signature procedures. Should we care of that? It’s all encrypted. And with that service we may encounter a problem: The whole connection is established via the TeamViewer Server.