[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: stealthy key exchange
At 11:37 AM 9/19/96 DST, [email protected] (Bodo Moeller)
wrote:
>If both have public keys, what is the point of using Diffie-Hellman?
>The two channels (Alice -> Bob and Bob -> Alice) are independent, so
>they can use different session keys. Alice creates a random key K_A
>and sends it to Bob (encrypted with Bob's public key). Alice uses K_A
Diffie-Hellman gives you forward security - if an eavesdropper copies
your message and later steals your secret keys, he can't decrypt it,
because there's no encrypted session key to recover. To prevent
man-in-the-middle attacks, sign your half-keys with your public key.
There are some problems with this method - it requires several
exchanges, so it's awkward to use for email (though you can do it.)
Also, it does expose the signed keyparts, which reveals the public
key used for signing, though you can play games to prevent this
(e.g. negotiate the key, and send the signed keyparts encrypted
with the public key, though if there _is_ a man-in-the-middle,
the MITM can see this, and your connection will fail.)
# Thanks; Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# <A HREF="http://idiom.com/~wcs">
# You can get PGP software outside the US at ftp.ox.ac.uk/pub/crypto