Let’s get back to our scenario where B wants to communicate with A using A’s public key. What happens if, in the very first stage, someone swaps A’s public key for their own, letting B believe that it is A’s? As you can see, this is a potential risk. How can we make sure that A is A and not someone pretending to be A? This type of attack is also known as “Man in the middle”, since the attacker is literally getting between A and B.
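The scenario above, as an added example that is not part of the original article: it uses textbook RSA with tiny constructed primes, and all function names, keys and the message are assumptions made for illustration. It shows that B has nothing to compare the received key against, and that A still receives a valid message, so neither side notices.

```python
# Added illustration: textbook RSA with tiny constructed primes.
# Never use parameters like these for real data.

def make_keypair(p, q, e=17):
    """Return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def encrypt(public_key, text):
    """Encrypt each byte of the text separately with the public key."""
    n, e = public_key
    return [pow(byte, e, n) for byte in text.encode()]

def decrypt(private_key, blocks):
    """Decrypt the blocks with the matching private key."""
    n, d = private_key
    return bytes(pow(c, d, n) for c in blocks).decode()

def unauthenticated_channel(real_key, substituted_key=None):
    """Deliver a public key; nothing binds the key to its owner's identity."""
    return substituted_key if substituted_key is not None else real_key

def run_scenario():
    a_pub, a_priv = make_keypair(61, 53)   # A's key pair (constructed)
    m_pub, m_priv = make_keypair(89, 97)   # the intermediary's key pair (constructed)
    message = "hello A"

    # B asks for A's public key, but the key is swapped in transit.
    key_b_received = unauthenticated_channel(a_pub, substituted_key=m_pub)
    to_a = encrypt(key_b_received, message)

    # The intermediary reads the message, then re-encrypts it with A's real key.
    read_in_middle = decrypt(m_priv, to_a)
    relayed = encrypt(a_pub, read_in_middle)

    return {
        # B could only evaluate this with an authentic copy of A's key,
        # which is exactly what B does not have.
        "key_is_authentic": key_b_received == a_pub,
        "read_in_middle": read_in_middle,
        "received_by_a": decrypt(a_priv, relayed),
    }

if __name__ == "__main__":
    print(run_scenario())
```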
To solve this authentication problem, we need a way to make sure that entities are who they say they are. This is achieved by using Certificates. In the next article we will take a look at what they are and why they are so important.