On Sun, Nov 29, 2015 at 12:32 PM, U.Mutlu <[email protected]> wrote: > I wonder if it can be possible, at least theoretically, to have a > MITM-secure internet channel without the use of PKI and/or > persistent password (ie. w/o authentication, like in the telephone network)? > Of course the communication must be encrypted against passive MITM, > and must also detect active MITM. > Does anybody know of such a protocol, info, papers etc.?
It's certainly possible if you're willing to have a central authority and some way to authentically get private keys from that authority to the correct people. In that case search for "identity based encryption". (Or just "KDCs" or "Kerberos" if you don't mind the authority being online.) Cheers AGL -- Adam Langley [email protected] https://www.imperialviolet.org _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
