[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: The Good dr. Dobbs
On Thu, 5 Dec 1996, pclow wrote:
> Sorry Dr Boz, but all I saw on the page was this :
>
> "404 Not Found
>
> The requested URL /whitepaper.htm was not found on this server. "
>
>
>
> I would like to point out that our white paper with technical details
> can be found on our Web-site: www.dsnt.com/whitepaper.htm
>
> --
> Dr. Eva Bozoki
> Chief Scientist
> DSN Technology, Inc.
> (516)467-0400
Almost, but not quite: you forgot a trailing "l".
http://www.dsnt.com/whitepaper.html
Anyway, 512 bit for a permanent public key doesn't sound that safe. And
this phrase:
Encrypting the Diffie-Hellman exchange and changing the dynamic common
key every 24 hours foils "man-in-the-middle" attacks because each
renegotiation authenticates the two boxes to each other.
sounds especially obscure to me. If the initial exchange of the "permanent
common private key" through a non-authenticated D-H key exchange was
compromised (as it is entirely possible) by a man-in-the-middle attack,
also the subsequent D-H key exchanges encrypted with that supposedly
common key will be subject to the same attack: actually there will be TWO
non-common private keys, and the man in the middle will know both of them.
Enzo