Public Key Exchange
The functional model adopted by Message in a Bottle is based on public key cryptography pradigm. Thus it is similar to PGP®.
Alice and Bob want to exchange private messages. First of all they must exchange their public keys:
Alice and Bob generate (*) their key pairs (pubblic-private) and each of them sends his/her public key to the other (**):
Bob generates his key pair and sends his public key to Alice
--------------------------------------------------------------->
Alice generates her key pair and sends her public key to Bob
<--------------------------------------------------------------
From now on Alice and Bob can exchange private, encrypted and/or digitally signed SMS
* Key pair generation happens only once just ofter Message in a Bottle installation.
** Public key exchange happens only once when Alice and Bob decide to exchange encrypted SMS..
Key-Ring
Message in a Bottle stores public keys in a sort of repository called Key-Ring. Each public key is mapped to the owner's telephone number.
Encrypted SMS
Alice e Bob want to exchange encrypted SMS (after they have exchanged their public key).
Bob usas Alice's public key to encrypt the SMS he want to send to Alice
--------------------------------------------------------------->
Alice uses her own private key to decrypt and read the SMS received from Bob
Digitally Signed SMS
Alice e Bob want to exchange digitally signed SMS (after they have exchanged their public key).
Bob uses his private key to digitally sign the SMS and send it to Alice
---------------------------------------------------------------->
Alice uses Bob's public key to verify the signature made by Bob. if the signature is verified the SMS is autenticated and trusted.