1995-02-01 - Re: ESP Unix encrypted session protocol software

Header Data

From: norm@netcom.com (Norman Hardy)
To: Thomas Grant Edwards <eric@remailer.net>
Message Hash: ae16811daacab770a77bd515d415937df3a1ae8bc1c7dd05521862c1937a5e21
Message ID: <ab559e8c000210040b91@DialupEudora>
Reply To: N/A
UTC Datetime: 1995-02-01 21:03:39 UTC
Raw Date: Wed, 1 Feb 95 13:03:39 PST

Raw message

From: norm@netcom.com (Norman Hardy)
Date: Wed, 1 Feb 95 13:03:39 PST
To: Thomas Grant Edwards <eric@remailer.net>
Subject: Re: ESP Unix encrypted session protocol software
Message-ID: <ab559e8c000210040b91@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 11:49 PM 1/31/95, Thomas Grant Edwards wrote:
>On Tue, 31 Jan 1995, Eric Hughes wrote:
>
>> Just because plain old Diffie Hellman is subject to active attack
>> doesn't mean it's useless.  Some protection is better than no
>> protection at all.  It's still worthwhile implementing some security
>> to make an opponent's task harder than to implement no security.
>
>I'm curious though if there is some way to reduce the risk or at least
>increase the detectability of active DH spoofing.   I am thinking of the
>use of a trusted adjudicator who could receive information from both the
>original participants and check to see if the two keys matched.
>
>Does anyone see a good solution to this problem?
....
I trust that that the attack refered to is the "man-in-the-middle". I find
it very curious that there is a simple fix to the attack for the enctrypted
voice channel. Each unit displays to its human a few bits of g^(xy). One
human quotes them vocally to the other. If there is a man in the middle the
bits are unlikely to match. What I find curious is that there seems to be
no automated analog to this precaution. It has to do with the difficulty of
substituting the vocal signals that code these bits. This is too hard for
either computer or man (in the middle). I write to stimulate a solution. I
have none.







Thread