[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: The Good dr. Dobbs



On Thu, 5 Dec 1996, pclow wrote:

> Sorry Dr Boz, but all I saw on the page was this :
> 
> "404 Not Found
> 
> The requested URL /whitepaper.htm was not found on this server. "
> 
> 
> 
> I  would like to point out that our white paper with technical details
> can be found on our Web-site:    www.dsnt.com/whitepaper.htm
> 
> -- 
> Dr. Eva Bozoki
> Chief Scientist
> DSN Technology, Inc.
> (516)467-0400

Almost, but not quite: you forgot a trailing "l".

           http://www.dsnt.com/whitepaper.html

Anyway, 512 bit for a permanent public key doesn't sound that safe. And
this phrase:

  Encrypting the Diffie-Hellman exchange and changing the dynamic common
  key every 24 hours foils "man-in-the-middle" attacks because each
  renegotiation authenticates the two boxes to each other.

sounds especially obscure to me. If the initial exchange of the "permanent
common private key" through a non-authenticated D-H key exchange was
compromised (as it is entirely possible) by a man-in-the-middle attack,
also the subsequent D-H key exchanges encrypted with that supposedly
common key will be subject to the same attack: actually there will be TWO
non-common private keys, and the man in the middle will know both of them. 

Enzo