[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP Unix encrypted session protocol software

On Tue, 31 Jan 1995, Eric Hughes wrote:

> Just because plain old Diffie Hellman is subject to active attack
> doesn't mean it's useless.  Some protection is better than no
> protection at all.  It's still worthwhile implementing some security
> to make an opponent's task harder than to implement no security.

I'm curious though if there is some way to reduce the risk or at least 
increase the detectability of active DH spoofing.   I am thinking of the 
use of a trusted adjudicator who could receive information from both the 
original participants and check to see if the two keys matched.

Does anyone see a good solution to this problem?