Re: CERT advisory
Eric Hughes sez:
>
> Since active interception is not nearly so easy as passive listening,

This isn't true of anything but the aether itself or a point to point
wire with integrity. In any switched or networked system with routing,
active interception is trivial. That is why D-H has a lower level
of applicability than generally considered.

> it would be appropriate to use a Diffie-Hellman key exchange in this
> situation. This protocol has no persistent private keys, so the issue
> of keeping a private key around securely is not an issue.

Yes, the one time key usage is an important factor in the D-H.
Nothing can be determined from one session that will help in
breaking another.

Peace,

Bob
--
Bob Cain [email protected] 408-354-8021
"I used to be different. But now I'm the same."
--------------PGP 1.0 or 2.0 public key available on request.------------------
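
Added example, not part of the original message: a toy unauthenticated Diffie-Hellman exchange showing the two properties discussed above. Each session uses fresh keys, and when a routing node replaces the public values in transit the endpoints end up with different keys, which a comparison over an authenticated channel detects. The prime, the generator and every function name here are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy group parameters, constructed for this example only.
P = 2**127 - 1   # a Mersenne prime; far too small for real use
G = 3


def keypair():
    """Fresh ephemeral key pair; nothing persists between sessions."""
    priv = secrets.randbelow(P - 3) + 2          # 2 .. P-2
    return priv, pow(G, priv, P)


def shared(priv, peer_pub):
    """Session key from our private value and the public value we received."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def session(relay=None):
    """Run one exchange between two endpoints.

    `relay` models a node on the routed path that may replace the public
    values in transit. Returns (alice_key, bob_key).
    """
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if relay is None:
        to_bob, to_alice = a_pub, b_pub          # delivered unmodified
    else:
        to_bob, to_alice = relay(a_pub, b_pub)   # delivered as the relay chose
    return shared(a_priv, to_alice), shared(b_priv, to_bob)


def substituting_relay(a_pub, b_pub):
    """An active node that swaps in its own public value in both directions."""
    _, m_pub = keypair()
    return m_pub, m_pub


def keys_agree(k1, k2):
    """The check the endpoints need: compare keys (or their fingerprints)
    over a channel with integrity. Plain D-H provides no such channel."""
    return secrets.compare_digest(k1, k2)
```

Without the `keys_agree` step done over an authenticated channel, neither endpoint can tell the substituted exchange from the honest one, since each side still derives a valid-looking key.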