* Victor Duchovni wrote on Fri, Aug 28, 2009 at 13:39 -0400:
The OP is not using fixed DH keys. He is proposing to use ADH key
exchange. This gives confidentiality, but NOT authentication.
Yes, and confidentiality without authentication usually doesn't
help much. In case of MITM, the
Note that there is one case which falls more into the 'shared secret'
category than the 'trusted introducer' category, and that is the case
where you have two entities which share self-signed certificates.
Even though what they share aren't secrets, they still have to do it
through a mechanism
No. Without a previously arranged shared secret and no trusted introducer,
authentication is *impossible*. Authentication is an act of recognizing
a party that possesses something you can verify. You CAN NOT generate
authentication secrets on the fly.
Viktor.
Or, to put it in simple
Hello Users,
I would like to run a design by you. The requirement (and the constraint) is
that I have to design a secure communication channel without using
certificates. I'm trying out DH key exchange.
My proposed design is a two step process for communication:
1) Use Anonymous DH and
Ram G wrote:
I would like to run a design by you. The requirement (and the constraint) is
that I have to design a secure communication channel without using
certificates. I'm trying out DH key exchange.
An unfortunate, if common, misnomer. DH key agreement is a better
term, since it denotes
On Fri, Aug 28, 2009 at 09:39:18AM -0400, Ram G wrote:
Hello Users,
I would like to run a design by you. The requirement (and the constraint) is
that I have to design a secure communication channel without using
certificates. I'm trying out DH key exchange.
My proposed design is a two
Victor Duchovni wrote:
No. Without a previously arranged shared secret and no trusted introducer,
DH doesn't require anything but mutual knowledge of public
keys, since the shared secret is implicit. Either OOB or
via a trusted directory service, or a cert binding the identity
of a principal
On Fri, Aug 28, 2009 at 10:06:43AM -0700, Michael Sierchio wrote:
Victor Duchovni wrote:
No. Without a previously arranged shared secret and no trusted introducer,
DH doesn't require anything but mutual knowledge of public
keys, since the shared secret is implicit. Either OOB or
via a
Victor Duchovni wrote:
Bootstrapping authentication requires an out-of-band secure channel for
key exchange (or initial delivery of keys of trusted introducers).
Agreed.
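To make the two points of this thread concrete (Victor's: anonymous DH gives confidentiality but not authentication, so a man in the middle is undetectable; Michael's: plain DH with long-term public keys that each side already knows out of band does authenticate), here is a small simulation. It is an added example, not code posted by anyone on the list, and it makes its own choices that the thread did not specify: the 1024-bit MODP group from RFC 2409 (Oakley group 2) for brevity, SHA-256 as the key derivation, and an HMAC key-confirmation tag from Bob to Alice so that the mismatch is detected on the wire rather than by the simulator peeking at both keys. Only the Python standard library is used.

```python
"""Anonymous DH versus DH authenticated by out-of-band public keys.

Added example for the openssl-users discussion, not the project's code.
Hand-rolled modular arithmetic is fine for a simulation; a real design
would use OpenSSL (or another reviewed library) for the group operations.
"""
import hashlib
import hmac
import secrets

# RFC 2409 "Second Oakley Group": 1024-bit MODP prime, generator 2.
# Chosen to keep the listing short; production code should use a larger
# MODP group or an elliptic-curve group.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2
NBYTES = (P.bit_length() + 7) // 8


def enc(x: int) -> bytes:
    """Fixed-width big-endian encoding of a group element."""
    return x.to_bytes(NBYTES, "big")


def keypair():
    """Fresh private exponent x in [2, p-2] and public value g^x mod p."""
    x = 2 + secrets.randbelow(P - 3)
    return x, pow(G, x, P)


def kdf(*shared_values: int) -> bytes:
    """Session key = SHA-256 over the concatenated DH shared values."""
    h = hashlib.sha256()
    for z in shared_values:
        h.update(enc(z))
    return h.digest()


def anonymous_dh(mallory_in_the_middle: bool):
    """ADH: only freshly generated public values cross the wire.

    Returns (alice_key, bob_key, mallory_keys). With Mallory present she
    substitutes her own public value M in both directions and ends up
    holding one key with Alice and another with Bob. Nothing either
    endpoint sees distinguishes this from an honest exchange.
    """
    a, A = keypair()
    b, B = keypair()
    if not mallory_in_the_middle:
        return kdf(pow(B, a, P)), kdf(pow(A, b, P)), None
    m, M = keypair()
    alice_key = kdf(pow(M, a, P))  # Alice believes M came from Bob
    bob_key = kdf(pow(M, b, P))    # Bob believes M came from Alice
    mallory_keys = (kdf(pow(A, m, P)), kdf(pow(B, m, P)))
    return alice_key, bob_key, mallory_keys


def authenticated_dh(alice_static, bob_static, mallory_in_the_middle: bool):
    """Ephemeral DH mixed with a static DH whose public keys are known OOB.

    alice_static / bob_static are (private, public) long-term DH pairs whose
    public halves are assumed to have been exchanged out of band (fingerprint
    read over the phone, trusted directory, and so on). The session key mixes
    the ephemeral agreement (forward secrecy) with the static-static agreement
    (authentication). Bob then sends a key-confirmation tag; Alice accepts the
    session only if it verifies under her own key.
    Returns (alice_accepts, alice_key == bob_key).
    """
    a_s, A_s = alice_static
    b_s, B_s = bob_static
    a, A = keypair()
    b, B = keypair()
    B_seen_by_alice, A_seen_by_bob = B, A
    if mallory_in_the_middle:
        _, M = keypair()
        # Mallory can swap the ephemeral values, but not the static public
        # keys: each side already holds the other's from the OOB channel.
        B_seen_by_alice = A_seen_by_bob = M
    alice_key = kdf(pow(B_seen_by_alice, a, P), pow(B_s, a_s, P))
    bob_key = kdf(pow(A_seen_by_bob, b, P), pow(A_s, b_s, P))
    # Key confirmation from Bob. Lacking a_s and b_s, Mallory holds neither
    # endpoint's key, so she can only relay Bob's tag, which Alice rejects.
    label = b"key confirmation bob->alice"
    tag = hmac.new(bob_key, label, hashlib.sha256).digest()
    expected = hmac.new(alice_key, label, hashlib.sha256).digest()
    alice_accepts = hmac.compare_digest(tag, expected)
    return alice_accepts, alice_key == bob_key


if __name__ == "__main__":
    ka, kb, _ = anonymous_dh(False)
    print("ADH, no attacker, endpoints agree:", ka == kb)
    ka, kb, (ma, mb) = anonymous_dh(True)
    print("ADH with Mallory, endpoints agree:", ka == kb,
          "| Mallory holds a key with each side:", ka == ma and kb == mb)
    alice, bob = keypair(), keypair()
    print("Authenticated, no attacker, Alice accepts:",
          authenticated_dh(alice, bob, False)[0])
    print("Authenticated with Mallory, Alice accepts:",
          authenticated_dh(alice, bob, True)[0])
```

The ADH run with Mallory is the case the thread warns about: both endpoints finish with a perfectly good key, just not with each other. The authenticated run needs nothing more than what Michael describes, mutual knowledge of static public keys, plus a confirmation step so that the failure surfaces as a rejected handshake rather than silently wrong traffic; where those static keys come from (out-of-band delivery or a trusted introducer) is exactly the bootstrapping problem the last message agrees cannot be avoided.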
OpenSSL Project