[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure phone




At 10:57 AM -0700 10/6/97, Adam Back wrote:
>Bill Frantz <[email protected]> writes:
>> At 6:25 PM -0700 10/5/97, Adam Back wrote:
>> >On the other hand, using persistent key public key crypto, Tim has
>> >been signing his posts recently, and I have an ancient public key of
>> >his stashed away which his new key is signed with.  If we were able to
>> >construct a protocol to bolt on top of the reading of hashes, we could
>> >have much greater protection against MITM.
>>
>> Of course if you can use PGP as well as the secure phone, you can use PGP
>> to exchange a pad of one-time passwords.
>
>The passwords alone don't do you any good: if you read them out over
>the phone, Eve can just repeat them.

One simple possibility is to send out ten word groups.  Use each group only
once.  Use the words to encode the key hash display.


-------------------------------------------------------------------------
Bill Frantz       | Internal surveillance      | Periwinkle -- Consulting
(408)356-8506     | helped make the USSR the   | 16345 Englewood Ave.
[email protected] | nation it is today.        | Los Gatos, CA 95032, USA