[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: The Good dr. Dobbs

To: pclow <[email protected]>
Subject: RE: The Good dr. Dobbs
From: Enzo Michelangeli <[email protected]>
Date: Wed, 4 Dec 1996 23:58:10 +0800 (HKT)
cc: "[email protected]" <[email protected]>, "'eva bozoki'" <[email protected]>, "[email protected]" <[email protected]>, "[email protected]" <[email protected]>, "[email protected]" <[email protected]>
In-Reply-To: <[email protected]>
Reply-To: Enzo Michelangeli <[email protected]>
Sender: [email protected]

On Thu, 5 Dec 1996, pclow wrote:

> Sorry Dr Boz, but all I saw on the page was this :
> 
> "404 Not Found
> 
> The requested URL /whitepaper.htm was not found on this server. "
> 
> 
> 
> I  would like to point out that our white paper with technical details
> can be found on our Web-site:    www.dsnt.com/whitepaper.htm
> 
> -- 
> Dr. Eva Bozoki
> Chief Scientist
> DSN Technology, Inc.
> (516)467-0400

Almost, but not quite: you forgot a trailing "l".

           http://www.dsnt.com/whitepaper.html

Anyway, 512 bit for a permanent public key doesn't sound that safe. And
this phrase:

  Encrypting the Diffie-Hellman exchange and changing the dynamic common
  key every 24 hours foils "man-in-the-middle" attacks because each
  renegotiation authenticates the two boxes to each other.

sounds especially obscure to me. If the initial exchange of the "permanent
common private key" through a non-authenticated D-H key exchange was
compromised (as it is entirely possible) by a man-in-the-middle attack,
also the subsequent D-H key exchanges encrypted with that supposedly
common key will be subject to the same attack: actually there will be TWO
non-common private keys, and the man in the middle will know both of them. 

Enzo

References:
- RE: The Good dr. Dobbs
  - From: pclow <[email protected]>

Prev by Date: Re: (no subject)
Next by Date: test
Prev by thread: RE: The Good dr. Dobbs
Next by thread: RE: The Good dr. Dobbs
Index(es):
- Date
- Thread