[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: D-H telnet protocol

> Why should "hard" be that much more difficult? Looks like an extra few
> days worth of work if you pull all the public key code from PGP.

The project as I plan it, would require no administration on the part
of users.  Install and forget.  If you add authentication, then
end-users have keys to deal with, on an ongoing basis.

As I said before, you're free to take what I come up with and add
authentication.  But stop berating me in public for doing something
to further the use of cryptography.

> 				This whole project is a humungous
> patent violation anyway, so there is no good reason for not stealing
> code from PGP.

You have made two bad assumptions here.  I do not intend to violate
any patents, nor do I intend to steal code from PGP.  I'll be glad to
talk in private about what is happening, but it is not ready for
public discussion yet.

> All you have to do in order to "fix" things is have both sides public
> key encrypt their D-H exchanges, and suddenly, you have verification
> of identity.

This is not true.  I have a preprint of a paper by Whit Diffie that
explains how to weave D-H and RSA together so that you can't accept
the authentication but be spoofed on the key exchange, or vice verse.
It starts with a simple protocol as described above.  Known attacks
are explained and the protocol is modified to deal with them.  The
result is now in use in commercial products (secure phones).  It's not
as simple as it looks.

	John Gilmore