Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Tony Arcieri
That's a really interesting idea. I'd love to read your paper when it's available. On Thu, Jun 6, 2013 at 10:31 AM, Ralph Holz h...@net.in.tum.de wrote: Hi, I am currently doing a write-up that dives into some of the more formal aspects of authentication. In particular, I am wondering when

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Jonathan Katz
Isn't it obvious? (I mean, there is some value in formalizing the model, but still...) Consider authentication of A to B. If there is nothing distinguishing (impersonator) Mallory from (honest) A, then anything A can do can also be done by Mallory. On Thu, Jun 6, 2013 at 1:31 PM, Ralph Holz

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Ethan Heilman
Consider authentication of A to B. If there is nothing distinguishing (impersonator) Mallory from (honest) A, then anything A can do can also be done by Mallory. You still need to know that you want to communicate with someone named Mallory, which is a piece of information that predates the

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Natanael
My suggestion is that you research the history of (cryptographic) authentication, mutual authentication (thanks Wikipedia for that phrase) and MITM. (Maybe you already have done that, though?) I can at least point out that spy agencies have known for many many decades that you can not securely

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Matthew Green
I assume you're talking about confidentiality and authenticity. If all you care about is authenticity then you can proceed under the assumption that the channel /may/ be authentic and then later perform the authentication to retrospectively authenticate it. This is obviously duh, but it's also

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Ethan Heilman
Consider a network of N nodes each given an id from 1 to N, each node uses a protocol where any message it receives it decrypts with its id. All messages get sent to every node instantly, and decryption has a very high cost. Node A wants to send a message to another node (node A just chooses an

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Wyss, Felix
How does node A know node B's ID and that the ID is really the one of the B he/she wants to communicate with? Isn't the ID really just the shared secret (credentials) Ralph mentions in his question? --Felix From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf Of

Re: [cryptography] skype backdoor confirmation

2013-06-06 Thread Ethan Heilman
From the new Washington Post Article: According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by