From: hughes@ah.com (Eric Hughes)
To: cypherpunks@toad.com
Message Hash: 9410571a01d302369327b550d202cd178d40692cee6979403a09641062fc5ea8
Message ID: <9402061151.AA19462@ah.com>
Reply To: <9402060811.AA24965@acacia.itd.uts.EDU.AU>
UTC Datetime: 1994-02-06 11:55:55 UTC
Raw Date: Sun, 6 Feb 94 03:55:55 PST
From: hughes@ah.com (Eric Hughes)
Date: Sun, 6 Feb 94 03:55:55 PST
To: cypherpunks@toad.com
Subject: Some stuff about Diffie-Hellman (and more :-)
In-Reply-To: <9402060811.AA24965@acacia.itd.uts.EDU.AU>
Message-ID: <9402061151.AA19462@ah.com>
MIME-Version: 1.0
Content-Type: text/plain
>Anyway, the upshot is
>that a Station To Station protocol is developed and discussed which is
>based on the original D-H system.
The STS protocol is a regular D-H followed by a (delicately designed)
exchange of signatures on the key exchange parameters. The signatures
in the second exchange that they can't be separated from the original
parameters.
>Damn, I don't have the paper which me,
>so I'm not sure whether third party certification is needed.
There is a digital signature required, so what is at root required is
a trusted public key of the other party. One can use a certificate to
establish this trust and transmit it at session time, but any other
method of communicating a public key will work, include a trusted web
of trust or direct previous transmission.
STS is a well-thought out protocol, with many subtleties already
arranged for. For the issue at hand, though, which is Ethernet
sniffing, it's authentication aspects are not required now, even
though they certainly will be in the near future.
Eric
Return to February 1994
Return to “smb@research.att.com”