I know that the TLS protocol is used to authenticate two persons, and when a secure channel is established we can perform a key exchange.
My question is whether TLS can be used to establish a secure channel between more than two persons. If yes, how?
TLS requires an out-of-band mechanism from which to bootstrap trust between the communicating parties. Using an external certificate authority is one approach.
An alternate approach is PGP's web of trust, where individuals you trust sign the public keys of individuals you don't yet trust. Here, Alice might connect to Bob. Alice trusts Bob. Bob connects to Carol, whom Bob trusts. Bob tells Alice Carol's public key and address, and tells Carol Alice's key and address. Carol and Alice can now connect to each other, based on trust in Bob.
Alternately, Alice and Carol can exchange keys and addresses in person, such as on business cards. They can then contact each other, believing that they are talking to the person they met in person.
Or you can have a central server where each user has registered a public key. Any other user can connect to the server and ask that server to forward traffic to the recipient as known by such server.
Edited to add: please don't design your own protocol. See the following link for a discussion of why not: Are there any holes in this security design?
Also, does TLS need an intermediate server, like a governing authority? Thanks for your help.
– The Nutty Professor Dec 08 '13 at 17:26
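The introducer and in-person models from the answer above, sketched as an added example (not code from the original post): each party keeps a pin store, accepts an introduced key only from a peer it already trusts, and checks the key presented at connection time against the pin. The `TrustStore` class, its method names and the sample keys are hypothetical; in a real deployment the presented key would come from the TLS handshake.

```python
import hashlib
import hmac


def fingerprint(public_key: bytes) -> str:
    """SHA-256 fingerprint of a peer's encoded public key."""
    return hashlib.sha256(public_key).hexdigest()


class TrustStore:
    """One party's pinned keys: peer name -> (fingerprint, who vouched for it)."""

    def __init__(self):
        self.pins = {}

    def pin_in_person(self, peer: str, public_key: bytes) -> None:
        # Direct exchange (the "business card" case): no introducer involved.
        self.pins[peer] = (fingerprint(public_key), None)

    def accept_introduction(self, introducer: str, peer: str, public_key: bytes) -> bool:
        # Only accept a key from an introducer whose own key is already pinned,
        # and never let an introduction overwrite an existing pin.
        if introducer not in self.pins or peer in self.pins:
            return False
        self.pins[peer] = (fingerprint(public_key), introducer)
        return True

    def verify_peer(self, peer: str, presented_key: bytes) -> bool:
        # Called with the key the remote side presented when connecting.
        pin = self.pins.get(peer)
        if pin is None:
            return False
        return hmac.compare_digest(pin[0], fingerprint(presented_key))

    def distrust(self, introducer: str) -> list:
        # Trust in Carol is only as good as trust in Bob: drop Bob and
        # every pin that Bob directly vouched for.
        dropped = [p for p, (_, via) in self.pins.items() if via == introducer]
        for p in dropped + [introducer]:
            self.pins.pop(p, None)
        return dropped


# Constructed sample keys (placeholder bytes, not real key material).
BOB_KEY, CAROL_KEY, OTHER_KEY = b"bob-public-key", b"carol-public-key", b"unknown-key"

alice = TrustStore()
alice.pin_in_person("bob", BOB_KEY)
introduced = alice.accept_introduction("bob", "carol", CAROL_KEY)
```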