
Some stuff about Diffie-Hellman (and more :-)



>Anyway, the upshot is 
>that a Station To Station protocol is developed and discussed which is 
>based on the original D-H system. 

The STS protocol is a regular D-H followed by a (delicately designed)
exchange of signatures on the key exchange parameters.  The signatures
in the second exchange are such that they can't be separated from the
original parameters.

>Damn, I don't have the paper with me,
>so I'm not sure whether third party certification is needed.

There is a digital signature required, so what is at root required is
a trusted public key of the other party.  One can use a certificate to
establish this trust and transmit it at session time, but any other
method of communicating a public key will work, including a trusted web
of trust or direct previous transmission.

STS is a well-thought-out protocol, with many subtleties already
arranged for.  For the issue at hand, though, which is Ethernet
sniffing, its authentication aspects are not required now, even
though they certainly will be in the near future.

Eric
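
Added example, not part of the original message: a minimal Python sketch of the exchange described above, where each side signs both D-H exponentials so the signatures cannot be detached from the key exchange parameters. Assumptions: all function names are hypothetical, the group is a toy one, a Schnorr-style signature stands in for whatever signature scheme is used, and the encryption of the signatures under the session key that the published STS performs is omitted.

```python
import hashlib, secrets

# Toy group for illustration only (assumption): P is the Mersenne prime
# 2^521 - 1 and P - 1 has small factors, so these are NOT secure parameters.
P, G = 2**521 - 1, 3

def H(*parts):
    data = b"|".join(str(p).encode() for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keypair():
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)

def sign(priv, *msg):                 # Schnorr-style signature (R, s)
    k = secrets.randbelow(P - 2) + 1
    R = pow(G, k, P)
    return R, (k + H(R, *msg) * priv) % (P - 1)

def verify(pub, sig, *msg):           # checks G^s == R * pub^H(R, msg) mod P
    R, s = sig
    return pow(G, s, P) == R * pow(pub, H(R, *msg), P) % P

def sts_run(tamper=False):
    """Run one exchange; return (alice_accepts, bob_accepts, keys_match)."""
    a_sk, a_pk = keypair()            # long-term signing keys; each side
    b_sk, b_pk = keypair()            # already trusts the other's public key
    x, gx = keypair()                 # Alice's ephemeral D-H value
    y, gy = keypair()                 # Bob's ephemeral D-H value
    gx_seen_by_bob, gy_seen_by_alice = gx, gy
    if tamper:                        # exponentials replaced in transit
        _, gm = keypair()
        gx_seen_by_bob = gy_seen_by_alice = gm
    # Bob signs (his exponential, the exponential he received).
    sig_b = sign(b_sk, gy, gx_seen_by_bob)
    # Alice signs (her exponential, the exponential she received).
    sig_a = sign(a_sk, gx, gy_seen_by_alice)
    # Each side verifies against what it sent and what it received.
    alice_ok = verify(b_pk, sig_b, gy_seen_by_alice, gx)
    bob_ok = verify(a_pk, sig_a, gx_seen_by_bob, gy)
    k_alice = pow(gy_seen_by_alice, x, P)
    k_bob = pow(gx_seen_by_bob, y, P)
    return alice_ok, bob_ok, k_alice == k_bob
```

With untouched exponentials both sides accept and derive the same key; with replaced exponentials both signature checks fail, which is the binding between signatures and parameters that plain D-H lacks.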