It came up lately in a discussion, and I couldn't put a name to it: a means to use symmetric crypto without exchanging keys:
- Alice encrypts M with key A and sends it to Bob
- Bob encrypts A(M) with key B and sends it to Alice
- Alice decrypts B(A(M)) with key A, leaving B(M), sends it to Bob
- Bob decrypts B(M) with key B leaving him with M.
Are there algorithms for this already? What's the scheme called? I searched Schneier (non-extensively) but couldn't find a reference.
I don't know what it's called, but it's vulnerable to man-in-the-middle unless you've got some way to authenticate the parties (because Alice has no way to tell if she's decrypting Bob's B(A(m)) or Mallet's M(A(m))).
And if you've got some way to authenticate the parties (a shared secret or a public key or something), it's probably easier to leverage that into an encryption key.
- Tim
PS - I'm looking for a full-time job. My resume is at http://www.dierks.org/tim/resume.html . Looking for architecture or technical management jobs; I'm in New York, NY, but I am willing to relocate.
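
An added example, not part of either message: the exchange described in this thread is commonly known as Shamir's three-pass (no-key) protocol, and the sketch below runs it once with Bob and once with Mallet answering to show why the lack of authentication matters. The thread names no cipher; exponentiation modulo a public prime is assumed here as the commutative cipher, and the prime, the function names and the sample message are all constructed for illustration.

```python
import math
import secrets

P = 2**127 - 1  # public prime modulus (a Mersenne prime), picked for this demo


def keygen():
    """Private pair (e, d) with e*d = 1 mod (P-1), so (x**e)**d = x mod P."""
    while True:
        e = secrets.randbelow(P - 3) + 2
        if math.gcd(e, P - 1) == 1:
            return e, pow(e, -1, P - 1)


def lock(x, key):
    return pow(x, key[0], P)


def unlock(x, key):
    return pow(x, key[1], P)


def three_pass(m, sender, responder):
    """Return (value the responder ends up with, the three wire messages)."""
    msg1 = lock(m, sender)          # Alice -> peer: A(M)
    msg2 = lock(msg1, responder)    # peer -> Alice: B(A(M)) or M(A(M))
    msg3 = unlock(msg2, sender)     # Alice -> peer: B(M) or M(M); no check possible
    return unlock(msg3, responder), (msg1, msg2, msg3)


def demo():
    m = int.from_bytes(b"meet at noon", "big")  # constructed sample message
    alice, bob, mallet = keygen(), keygen(), keygen()
    with_bob, _ = three_pass(m, alice, bob)
    with_mallet, wire = three_pass(m, alice, mallet)
    # Alice runs the same two operations either way; nothing in msg2 is tied
    # to Bob's identity, so whoever answers first recovers M.
    return m, with_bob, with_mallet, wire


if __name__ == "__main__":
    m, with_bob, with_mallet, wire = demo()
    print("Bob recovers M:   ", with_bob == m)
    print("Mallet recovers M:", with_mallet == m)
    print("M visible on wire:", m in wire)
```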
