----- Forwarded message from Mark Smith <markzzzsm...@yahoo.com.au> -----
Date: Mon, 10 Jun 2013 21:10:06 -0700 (PDT) From: Mark Smith <markzzzsm...@yahoo.com.au> To: IPv6 Hackers Mailing List <ipv6hack...@lists.si6networks.com> Subject: Re: [ipv6hackers] opportunistic encryption in IPv6 X-Mailer: YahooMailWebService/0.8.146.552 Reply-To: IPv6 Hackers Mailing List <ipv6hack...@lists.si6networks.com> ----- Original Message ----- > From: Jim Small <jim.sm...@cdw.com> > To: IPv6 Hackers Mailing List <ipv6hack...@lists.si6networks.com> > Cc: > Sent: Tuesday, 11 June 2013 11:02 AM > Subject: Re: [ipv6hackers] opportunistic encryption in IPv6 > > Hi Owen, > >> > The fundamental challenge for encryption is key distribution and >> management: >> > * How do I authenticate the intended recipient(s)? >> >> This is a traditional challenge with many traditional solutions, all of > which have >> tradeoffs, especially in M2M communications. >> >> > * How do I distribute a key without letting anyone except the intended >> recipient(s) get it? >> >> DH pretty well solves this, no? > > Yes and no. DH is a good answer, but IKE/IPsec still requires pre-shared > keys > or RSA key pairs to start with. Don't think so anymore. "Better-Than-Nothing Security: An Unauthenticated Mode of IPsec" http://tools.ietf.org/html/rfc5386 Don't know if there are any implementations available. _______________________________________________ Ipv6hackers mailing list ipv6hack...@lists.si6networks.com http://lists.si6networks.com/listinfo/ipv6hackers ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech