1997-10-10 - Re: Defeating MITM with Eric’s Secure Phone

Header Data

From: Anonymous <anon@anon.efga.org>
To: cypherpunks@cyberpass.net
Message Hash: efe3bd773a0bf496475dfa8e9899c65c2d59603d8564f32b91a7db0b7f1e3298
Message ID: <bf93dd7a6705c63ca0db70676cb3e3af@anon.efga.org>
Reply To: N/A
UTC Datetime: 1997-10-10 03:33:59 UTC
Raw Date: Fri, 10 Oct 1997 11:33:59 +0800

Raw message

From: Anonymous <anon@anon.efga.org>
Date: Fri, 10 Oct 1997 11:33:59 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Defeating MITM with Eric's Secure Phone
Message-ID: <bf93dd7a6705c63ca0db70676cb3e3af@anon.efga.org>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

My apologies if this has already been discussed, but wouldn't this be
a straightforward solution?

Alice and Bob use PGP as a secure, identified channel to exchange a
random 6 digit hex number.  For example, 0xC926D0.

When they establish their Comsec connection, they read 0x5F92E4 off
their units.

Alice takes the digits C, 9, and 2, and adds them mod 16 to 5, F, and
9 to get the digits 1, 8, and B, which she reads to Bob who confirms
them.  (Adding just the digits instead of larger numbers means that
Alice and Bob can do the computation in their heads.)

Bob takes the digits 6, D, and 0 and adds them mod 16 to the digits 2,
E, and 4 to get 8, B, and 4.  Bob reads them to Alice who confirms
them.

Any flaws?

Monty Cantsin
Editor in Chief
Smile Magazine
http://www.neoism.org/squares/smile_index.html
http://www.neoism.org/squares/cantsin_10.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBND2EZ5aWtjSmRH/5AQGBnQf/QRMe/66ge+M/zHzzrZ7zc3g9wFKESsjA
alzeGfUulzp+18JyUy1RHNOtM+4bXZUaiYAN7FnxKkAkY+IzW5m7nDHMnC18e+bD
IZpO626Ze+pumokhXVTYW0JHWF4OfCol4qmYNSTjM+n4RO0DcmecOuQYuwnscJvb
808rsuin09dhY3UV5uyDWrCwuATIRjwSRTewBinuTGZo/QtMurXJlPc45WtF07oC
9Tg3ebnnq0NtbxWmsX7WT/tjFHoniS5sPoBusrlZT+1z+PT0SzqtSR1JmWKGVQQC
xubaghabXvNj9nZZPsEGCG4rMbJw8Qtoh9J6I+aQJ0TVK4hHuanJXw==
=Ooh/
-----END PGP SIGNATURE-----









Thread