I have a question which came to my mind regarding ssl security. Ssl encrypts data with a public key and decrypts with a private key. So in the figure
client->public key to private key-> server
Does also the server uses the same public key to encrypt before sending? The server associates each client with a public key and saves it?
So in reverse,
server->public key to private key-> client
If this is the case
Second question is,
When the client first connects to a website if the arp spoofing is implemented in the same network, on the first hand shake, can the sniffer some how steal the private key or the ssl signed certificate? If there already exists one, tell the server or the user somehow that it is expired to obtain the new plain data one?
The ssl request The client -> the sniffer -> the webserver is being told the client does not have a valid ssl or the current one is expired and new one is requested,
Can it intercept the plain certificate data to steal the private key the second way?
The server(oh here take it) -> sniffer (hehe ihave the new certificate) - > the client, use this, this the new cert old one doesnt work anymore```