
Re: Secure comm program, Sockets + LINK




[email protected] says:
>   The bootstrap problem (how you get the public key to the machine
> with only unsecure channels at your disposal) is interesting though.  I
> wonder if it can be solved without DH key exchange?

You can't even solve the problem with DH key exchange -- you are
subject to "man in the middle" attacks. You must share SOME
information via a secure channel in order to have both authentication
and privacy on a channel. However, the information exchanged could be
small and fairly one-time -- like the public key of a trusted entity
that signs other public keys.

Perry
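
The point made in the reply above, as an added example that is not part of the original message: an unauthenticated DH exchange completes even when the public values are replaced in transit, while checking them against the pre-shared public key of a trusted signer rejects the exchange. The group, the textbook RSA signer, the names "alice" and "bob", and all function names are assumptions chosen for illustration, with toy key sizes.

```python
import hashlib, secrets

# Toy sizes so this runs on the standard library alone; not for real use.
P, G = 2**127 - 1, 3                      # DH modulus (a Mersenne prime) and base
_p, _q = 2**61 - 1, 2**89 - 1             # textbook-RSA primes of the trusted signer
CA_N, CA_E = _p * _q, 65537               # signer's PUBLIC key: the one secure-channel item
_CA_D = pow(CA_E, -1, (_p - 1) * (_q - 1))  # signer's private exponent

def _digest(name, pub):
    h = hashlib.sha256(f"{name}|{pub}".encode()).digest()
    return int.from_bytes(h, "big") % CA_N

def ca_sign(name, pub):                   # done by the trusted entity
    return pow(_digest(name, pub), _CA_D, CA_N)

def ca_verify(name, pub, sig):            # done by anyone holding CA_N, CA_E
    return pow(sig, CA_E, CA_N) == _digest(name, pub)

def dh_keypair():
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def run(substituted, check_signatures):
    """Return 'end-to-end', 'intercepted' or 'rejected' for one exchange."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    m_priv, m_pub = dh_keypair()          # party sitting on the insecure channel
    to_bob = (a_pub, ca_sign("alice", a_pub))
    to_alice = (b_pub, ca_sign("bob", b_pub))
    if substituted:
        # Public values are replaced in transit; the signatures cannot be re-made
        # without the signer's private key, so the old ones no longer match.
        to_bob, to_alice = (m_pub, to_bob[1]), (m_pub, to_alice[1])
    if check_signatures and not (ca_verify("alice", *to_bob)
                                 and ca_verify("bob", *to_alice)):
        return "rejected"
    k_a = pow(to_alice[0], a_priv, P)     # key Alice derives
    k_b = pow(to_bob[0], b_priv, P)       # key Bob derives
    if k_a == k_b:
        return "end-to-end"
    # Each side now shares a key with the middle party, not with each other.
    assert k_a == pow(a_pub, m_priv, P) and k_b == pow(b_pub, m_priv, P)
    return "intercepted"

if __name__ == "__main__":
    for sub, chk in [(False, False), (True, False), (True, True)]:
        print(f"substituted={sub} check={chk} -> {run(sub, chk)}")
```

The only value that has to reach each machine over a secure channel is the pair `CA_N`, `CA_E`; everything else travels over the insecure one.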