1996-12-04 - RE: The Good dr. Dobbs

Header Data

From: Enzo Michelangeli <enzo@ima.com>
To: pclow <pclow@extol.com.my>
Message Hash: 3be8978fce88f9f3b2619e4928586c99f58b2a09b0a484bef3b25011b9210c20
Message ID: <Pine.WNT.3.94.961204233405.-830689A-100000@enzohome.ima.com>
Reply To: <96Dec5.012029gmt+0800.21892@portal.extol.com.my>
UTC Datetime: 1996-12-04 15:59:52 UTC
Raw Date: Wed, 4 Dec 1996 07:59:52 -0800 (PST)

Raw message

From: Enzo Michelangeli <enzo@ima.com>
Date: Wed, 4 Dec 1996 07:59:52 -0800 (PST)
To: pclow <pclow@extol.com.my>
Subject: RE: The Good dr. Dobbs
In-Reply-To: <96Dec5.012029gmt+0800.21892@portal.extol.com.my>
Message-ID: <Pine.WNT.3.94.961204233405.-830689A-100000@enzohome.ima.com>
MIME-Version: 1.0
Content-Type: text/plain

On Thu, 5 Dec 1996, pclow wrote:

> Sorry Dr Boz, but all I saw on the page was this :
> "404 Not Found
> The requested URL /whitepaper.htm was not found on this server. "
> I  would like to point out that our white paper with technical details
> can be found on our Web-site:    www.dsnt.com/whitepaper.htm
> -- 
> Dr. Eva Bozoki
> Chief Scientist
> DSN Technology, Inc.
> (516)467-0400

Almost, but not quite: you forgot a trailing "l".


Anyway, 512 bit for a permanent public key doesn't sound that safe. And
this phrase:

  Encrypting the Diffie-Hellman exchange and changing the dynamic common
  key every 24 hours foils "man-in-the-middle" attacks because each
  renegotiation authenticates the two boxes to each other.

sounds especially obscure to me. If the initial exchange of the "permanent
common private key" through a non-authenticated D-H key exchange was
compromised (as it is entirely possible) by a man-in-the-middle attack,
also the subsequent D-H key exchanges encrypted with that supposedly
common key will be subject to the same attack: actually there will be TWO
non-common private keys, and the man in the middle will know both of them.