home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!uwm.edu!spool.mu.edu!umn.edu!csus.edu!netcom.com!rcain
- From: rcain@netcom.com (Robert Cain)
- Subject: Re: Anti-spoofing protocol?
- Message-ID: <1993Jan4.215027.17258@netcom.com>
- Organization: Netcom - Online Communication Services (408 241-9760 guest)
- References: <1993Jan4.104051.23477@qualcomm.com>
- Date: Mon, 4 Jan 1993 21:50:27 GMT
- Lines: 35
-
- karn@servo.qualcomm.com (Phil Karn) writes:
- : In article <1993Jan4.090057.20269@netcom.com> rcain@netcom.com (Robert Cain) writes:
- : >
- : >The problem of detecting a spoof in between two ends of a
- : >Diffie-Hellman exchange is unsolved, as far as I know, using any known
- : >protocol.
- :
- : Why do you say that? You can detect the "ends against the middle"
- : attack against DH if the parties sign their DH exchanges (using RSA or
- : some other digital signature scheme) and verify them before using the
- : DH-generated key to encrypt anything real.
-
- This all assumes that you have a secure means of getting your public key
- to the other or an authenticated one. Both seem equivalent in the end
- to swapping a secret key to me. This makes me question the fundamentals
- of PK actually.
-
- :
- : The most I think an active attacker could do against this scheme is to
- : trick the parties into revealing their public key certificates, if
- : that matters.
-
- Certificates, shmertificates. :-)
-
- I have yet to see anything more than endless discussion on this.
-
- Bob
- --
- Bob Cain rcain@netcom.com 408-358-2007
-
- 'The meek shall inherit the earth--the rest of us will move on..'
- Sameer Parekh
-
-
- PGP 1.0 or 2.0 public key available on request.
-
