The check digits solve the MITM problem. You should compare them by another channel than email, such as text message. This is called "Short Authentication String" (SAS).
> “ When WhatsApp was pressured to leave a backdoor into the encryption, it said “no” but instead agreed to log and report all dubious communication before it is encrypted. ”
I've now implemented folder encryption. If you encrypt folder 'foo', you get the file 'foo.encrypted'. When you decrypt it using the same tool, you get file 'foo.zip' which you download and uncompress into a folder 'foo'.
8 comments
[ 4.3 ms ] story [ 29.1 ms ] threadThat is, how email exchange can be guaranteed to work properly, and MITM won't insert his email in the middle of the process?
Reference: https://en.wikipedia.org/wiki/Man-in-the-middle_attack#Authe...
https://en.wikipedia.org/wiki/ElGamal_encryption
https://en.wikipedia.org/wiki/ElGamal_signature_scheme
https://en.wikipedia.org/wiki/Taher_Elgamal
Huh, I did not know that!