Hi .. I am a newbie .. I request you to correct me in the following assumption:
1. If a person gets to know the public RSA key of a cable modem (transmitted during the Auth-request phase), then he would be able to decrypt the auth info (which is encrypted with the CM's RSA public key) transmitted from CM to CMTS.
2. The auth info is used to obtain KEK and HMAC digests which are used later.
3. Again, TEK is encrypted by using KEK, which the hacker already knows.
4. The hacker would then be able to decrypt all the following messages.
I understand that I am missing something somewhere .. because in PKI, even if the hacker gets to know the public key, he will not be able to succeed in decrypting the message.
Kindly correct me.
Thanks in advance
The way public/private key pairs work is like this:
When a key pair is generated, the keys are generated as a pair: a public key and a private key.
Messages encrypted with the private key can only be decrypted with the public key.
Messages encrypted with the public key can only be decrypted with the private key.
A super simplified version of what happens is:
During initialization the CMTS and the CM exchange public keys in the clear.
The CMTS then generates a new public/private key pair.
Then the CMTS sends the CM the new public key to encrypt future traffic; this key is encrypted using the CM's public key.
The cable modem decrypts this message using the CM's private key.
When the CM sends a message it uses the new public key it decrypted to encrypt its message. The CMTS uses the private portion of that same key to decrypt that message.
The key pair the CMTS generates is only good for a certain amount of time, and when it expires the process starts over again.
To compromise the process a hacker would need access to the CM's private key, not its public key, which is publicly available.
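The point of the reply above, as an added example that is not part of the original posts and is not DOCSIS code: a value encrypted with the CM's public key is recovered only with the CM's private exponent, so an observer who captured the public key and the ciphertext gets nothing usable. It assumes toy textbook RSA (no padding, small constructed primes); the function names, the sample auth key and the KEK derivation are hypothetical stand-ins.

```python
import hashlib

# Toy parameters (constructed for this example): two known Mersenne primes.
# Real modems use much larger keys and padded RSA; this is textbook RSA.
P, Q = 2**61 - 1, 2**89 - 1
E = 65537

def cm_keypair():
    """Return (public, private) for the hypothetical cable modem."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, never transmitted
    return (E, n), (d, n)

def cmts_wrap(auth_key: bytes, public):
    """CMTS side: encrypt the auth key with the CM's public key."""
    e, n = public
    return pow(int.from_bytes(auth_key, "big"), e, n)

def cm_unwrap(ciphertext: int, private, length: int) -> bytes:
    """CM side: only the private exponent inverts the encryption."""
    d, n = private
    return pow(ciphertext, d, n).to_bytes(length, "big")

def eavesdropper_try(ciphertext: int, public) -> int:
    """All an observer holding only (e, n) can do is apply e again."""
    e, n = public
    return pow(ciphertext, e, n)

def derive_kek(auth_key: bytes) -> bytes:
    """Stand-in derivation (assumption): not the DOCSIS formula."""
    return hashlib.sha256(b"KEK" + auth_key).digest()[:8]

def demo():
    public, private = cm_keypair()
    auth_key = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    wire = cmts_wrap(auth_key, public)          # what the observer sees
    recovered = cm_unwrap(wire, private, len(auth_key))
    guess = eavesdropper_try(wire, public)
    return {
        "cm_recovers_auth_key": recovered == auth_key,
        "observer_recovers_auth_key": guess == int.from_bytes(auth_key, "big"),
        "kek_matches": derive_kek(recovered) == derive_kek(auth_key),
    }

if __name__ == "__main__":
    print(demo())
```

Because the observer never obtains the auth key, the KEK derived from it and the TEK wrapped under that KEK stay out of reach as well.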
Thank you for the detailed explanation...