Re: Secure comm program, Sockets + LINK
[email protected] says:
> The bootstrap problem (how you get the public key to the machine
> with only unsecure channels at your disposal) is interesting though. I
> wonder if it can be solved without DH key exchange?
You can't even solve the problem with DH key exchange -- you are
subject to "man in the middle" attacks. You must share SOME
information via a secure channel in order to have both authentication
and privacy on a channel. However, the information exchanged could be
small and fairly one-time -- like the public key of a trusted entity
that signs other public keys.
Perry
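
Added example, not part of the original message: a Python sketch of the point made in the reply, showing an unauthenticated DH exchange that a relay on the channel can split, and the same exchange rejected once both sides hold one securely obtained signer public key. The parameters are toy-sized, the signature is textbook RSA without padding, and the names `alice`, `bob`, `certify`, `verify` and `run` are hypothetical.

```python
import hashlib
import secrets

# Toy parameters, constructed for illustration; far too small for real use.
P, G = 2**127 - 1, 3                    # DH modulus (a Mersenne prime) and base
_p, _q = 2**107 - 1, 2**89 - 1          # primes of the trusted signer's toy RSA key
N, E = _p * _q, 65537                   # signer's PUBLIC key: the one item shared securely
D = pow(E, -1, (_p - 1) * (_q - 1))     # signer's private exponent, never leaves the signer


def digest(name, pub):
    """Hash a (name, DH public value) binding into an integer below N."""
    data = f"{name}:{pub}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def certify(name, pub):
    """Trusted signer: textbook RSA signature (no padding) over the binding."""
    return pow(digest(name, pub), D, N)


def verify(name, pub, sig):
    """Any party holding (N, E): check that the signer vouched for this binding."""
    return pow(sig, E, N) == digest(name, pub)


def keypair():
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def run(interposed, check_certs):
    """One DH exchange; returns 'ok', 'compromised' or 'rejected'."""
    a, A = keypair()                    # alice
    b, B = keypair()                    # bob
    m, M = keypair()                    # relay sitting on the insecure channel
    cert_a, cert_b = certify("alice", A), certify("bob", B)
    # Values actually delivered: an interposed relay substitutes its own M.
    to_bob, to_alice = (M, M) if interposed else (A, B)
    if check_certs and not (verify("alice", to_bob, cert_a)
                            and verify("bob", to_alice, cert_b)):
        return "rejected"               # substituted value has no valid signature
    k_alice, k_bob = pow(to_alice, a, P), pow(to_bob, b, P)
    if interposed and (pow(A, m, P), pow(B, m, P)) == (k_alice, k_bob):
        return "compromised"            # relay derived both session keys
    return "ok" if k_alice == k_bob else "mismatch"


if __name__ == "__main__":
    for case in [(False, False), (True, False), (True, True)]:
        print(case, run(*case))
```

The only value that has to travel over a secure channel here is `(N, E)`; everything else crosses the insecure one.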