Hello William,

2006/2/3, William D. Neumann <[EMAIL PROTECTED]>:
> That sounds like it's based on (or possibly the same as, I'd have to reread
> the paper) a scheme presented by Serge Vaudenay at Crypto'05.

We will have to wait for some code or protocol description of zPhone to answer that question.

> If anyone is interested, the paper can be found at
> <http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Vau05a>

Thank you for the reference. I've not read the paper but the abstract says "The extra channel uses a weak notion of authentication in which strings cannot be forged nor modified, but whose delivery can be maliciously stalled, canceled, or replayed."

The requirement that "the extra channel [...] in which strings cannot be forged nor modified" seems pretty difficult to me to have on the Internet alone. If you establish a session key with a Diffie-Hellman and if you have a man-in-the-middle attack, the established channel cannot be considered strong enough so that messages cannot be changed during transport.

From what I have understood of Zimmermann's scheme, the only channel used is the insecure Internet itself, so Vaudenay's scheme seems a different one to me.

We will see...

Best wishes,

d.

_______________________________________________
Demexp-dev mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/demexp-dev
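The point raised above (an unauthenticated Diffie-Hellman over the Internet alone cannot detect an active attacker, which is why Vaudenay's abstract asks for an extra channel whose strings cannot be forged or modified) can be shown with a small simulation. The code below is an added illustration for this thread, not code from zPhone, from Vaudenay's paper or from anyone on the list. It uses constructed toy parameters (a 127-bit Mersenne prime, base 3) that are far too small to be secure, and a 4-hex-digit short authentication string (SAS) computed over both public values is assumed as the thing the two parties would compare over the extra channel, for example by reading it aloud on the call.

```python
import hashlib
import secrets

# Constructed toy group parameters: insecure, chosen only so the example runs
# instantly offline. A real deployment uses a standard, large DH group.
P = (1 << 127) - 1
G = 3


def keypair():
    """Return (private, public) for one DH party."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def shared_key(priv, peer_pub):
    """Derive a 256-bit session key from the DH shared secret."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def sas(pub_sent_first, pub_sent_second):
    """Short authentication string: 4 hex digits over both public values.
    Each side computes it from the value it sent and the value it received,
    so a substituted public value changes the string on at least one side.
    With only 16 bits, an attacker who gets one try has about a 1/65536
    chance of an undetected collision: weak, but enough for a live call."""
    data = pub_sent_first.to_bytes(16, "big") + pub_sent_second.to_bytes(16, "big")
    return hashlib.sha256(data).hexdigest()[:4]


def run_exchange(mitm):
    """Simulate Alice <-> Bob DH over the in-band (Internet) channel.
    If mitm is True, an active attacker Mallory replaces the public value
    in each direction with her own. Returns what each side ended up with."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if mitm:
        m_priv, m_pub = keypair()
        alice_sees, bob_sees = m_pub, m_pub   # both victims receive Mallory's value
    else:
        alice_sees, bob_sees = b_pub, a_pub

    k_alice = shared_key(a_priv, alice_sees)
    k_bob = shared_key(b_priv, bob_sees)
    result = {
        "keys_match": k_alice == k_bob,
        # Each side derives its SAS from the values it actually exchanged.
        "sas_alice": sas(a_pub, alice_sees),
        "sas_bob": sas(bob_sees, b_pub),
    }
    if mitm:
        # Mallory shares a key with each victim separately, so she can
        # decrypt and re-encrypt in the middle and the in-band traffic looks
        # perfectly consistent to both Alice and Bob.
        result["mallory_holds_alice_key"] = shared_key(m_priv, a_pub) == k_alice
        result["mallory_holds_bob_key"] = shared_key(m_priv, b_pub) == k_bob
    return result


def sas_matches(result):
    """The out-of-band check: Alice and Bob compare their SAS over a channel
    the attacker cannot forge or modify. A mismatch reveals the substitution
    that the in-band exchange alone could never expose."""
    return result["sas_alice"] == result["sas_bob"]


if __name__ == "__main__":
    clean = run_exchange(mitm=False)
    attacked = run_exchange(mitm=True)
    print("no attacker: keys match =", clean["keys_match"], "SAS match =", sas_matches(clean))
    print("with MITM:   keys match =", attacked["keys_match"], "SAS match =", sas_matches(attacked))
```

The simulation shows the two halves of the argument in the message: in the attacked run both victims still complete a key agreement and Mallory holds a valid key with each of them, so nothing observable on the Internet channel differs, while the SAS comparison, which only works if it travels over a channel the attacker cannot rewrite, is what exposes the substitution.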
