On 9/19/07, Nash Foster <[EMAIL PROTECTED]> wrote:
> http://labs.musecurity.com/2007/09/18/widespread-dh-implementation-weakness/
>
> Any actual cryptographers care to comment on this? I don't feel
> qualified to judge.

It's a real (old) vulnerability in DH, but I don't think it applies
here. If you want to expose the cleartext of your IPsec traffic, you
can just send a copy to the observer.

It makes mitm easier on unauthenticated links, but that's not a new
exposure of any kind.

>From the article:

    There are a number of real-world scenarios where an unknown
key-share completely undermines the legitimacy of networking
infrastructure which is designed to provide high security.

Funny how they didn't provide any details.

-- 
Taral <[EMAIL PROTECTED]>
"Please let me know if there's any further trouble I can give you."
    -- Unknown

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to