Why can this cryptosystem be easily broken?

I am having trouble understanding the concept of public-key cryptography and why some cryptosystems can be easily broken when used in a certain way. Here is an example.

Suppose we have a communication network where every user $U$ has an enciphering function $C_U$, which is public, and a deciphering function $D_U$ which is private. Let $A$ and $B$ be two users in the network. Suppose $A$ wants to send the message $m$ to $B$. Then $A$ sends $(C_B(m),A)$. The address $A$ is to specify the sender of the message (this is like a really poor digital signature, but again this is a very simple example to make sure I understand the concepts). After receipt, $B$ will reply with $(C_A(m),B)$, so $A$ knows that the message has been received.

Suppose that a third user $C$ can intercept every communication in the network. Then I am told that $C$ can read the message $m$. I suppose that this is because the same message has been sent using different enciphering functions. However, I am not sure of this and I would like to understand the reason behind it. Could someone help me?


  • $C$ intercepts the message $(C_B(m),A)$.
  • $C$ modifies it to $(C_B(m),C)$.
  • $C$ sends it to $B$.
  • $B$ considers this to have come from $C$.
  • $B$ decrypts the ciphertext to access the message $m$.
  • $B$ responds with $(C_C(m),B)$.
  • Now, $C$ can decrypt the ciphertext to open the message.

Note that $C$ can be any malicious entity within the network.

As you can see, the signature is important to verify the sender, and this is why we have PKI.
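The exchange above as a runnable simulation (an added example, not part of the original answer), using toy textbook RSA for $C_U$ and $D_U$. The `bind=True` variant, in which the sender's identity is encrypted together with $m$ so that $B$ can check it against the cleartext sender field, is an assumption added here to show the sender being verified. All names, primes and the sample message are constructed.

```python
# Toy textbook RSA over small constructed primes: illustration only, not secure.
E = 17

class User:
    def __init__(self, name, p, q):
        self.uid = ord(name)                      # one-byte identity
        self.n = p * q
        self._d = pow(E, -1, (p - 1) * (q - 1))   # private exponent

    def decrypt(self, c):                         # D_U
        return pow(c, self._d, self.n)

def encrypt(user, x):                             # C_U, uses the public (n, E) only
    return pow(x, E, user.n)

def pack(m, uid, bind):
    # bind=True encrypts the sender identity together with the message
    return m * 256 + uid if bind else m

def unpack(x, bind):
    return divmod(x, 256) if bind else (x, None)

def send(sender, receiver, m, bind):
    return encrypt(receiver, pack(m, sender.uid, bind)), sender.uid

def acknowledge(receiver, packet, users, bind):
    ct, claimed = packet
    m, inner = unpack(receiver.decrypt(ct), bind)
    if bind and inner != claimed:
        return None                               # header disagrees with ciphertext
    return encrypt(users[claimed], pack(m, receiver.uid, bind)), receiver.uid

def simulate(bind, tamper):
    a, b, c = User("A", 10007, 10009), User("B", 10037, 10039), User("C", 65521, 65537)
    users = {u.uid: u for u in (a, b, c)}
    packet = send(a, b, 4242, bind)               # constructed sample message m
    if tamper:                                    # C rewrites only the cleartext sender field
        packet = (packet[0], c.uid)
    ack = acknowledge(b, packet, users, bind)
    if ack is None:
        return None
    reader = users[packet[1]]                     # whoever B believes the sender is
    return unpack(reader.decrypt(ack[0]), bind)[0]

if __name__ == "__main__":
    for bind in (False, True):
        print(f"bind={bind}: A recovers {simulate(bind, False)}, C recovers {simulate(bind, True)}")
```

With the unbound protocol $C$ recovers $m$ without ever touching $B$'s private key; once the identity is bound inside the ciphertext, $B$ drops the rewritten packet and the honest exchange still completes.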