This does not relate specifically to Crypto++ but more to security in
general, but since I know there a several knowledgeable security users
in here I thought I'd ask the question anyway.
Say you are establishing a secure channel over UDP between two
end-hosts, A and B. Both hosts know the public key of each other, and
thus the connection is bootstrapped using these keys. DH is used to
generate a temporary session key from which a symmetric key is derived.
The DH part of the security protocol is carried out using the public
keys.
Now, my problem lies in the transition between using the public keys
and using the new symmetric key. Below I've outlined the last part of
the security protocol:
Step 1: A -> B: { DH parameters }Kb+
Step 2: B -> A: { DH parameters }Ka+
Step 3: ....
After Step 2, B expects all subsequent messages from A to be encrypted
using the symmetric key. However, what happens if the message from B to
A is dropped (since we're using UDP)? A will then resend Step 1 which
is encrypted using B's public key, rather than the symmetric key. How
does B know whether to use his private key or the symmetric key to
decrypt the message?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To post to this group, send email to [EMAIL PROTECTED]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cryptopp-users?hl=en
-~----------~----~----~----~------~----~------~--~---
