Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-07 Thread Natanael
So basically, the way around having one insecure channel is to use so many insecure channels that the same attacker can't control them all. Which IRL means you run around between computers and check if what you published is available under the exact identity/keys you specified, and keep making up

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-07 Thread Peter Todd
On Fri, Jun 07, 2013 at 10:02:51AM +0300, ianG wrote: The big example here is of SSL. In v1 it was vulnerable to MITM, which was theoretically claimed to make it 'insecure'. In practice there was no evidence of a threat, and still little real evidence of that precise threat. Fixing the MITM

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-07 Thread William Yager
Precisely. You have no way of knowing anything about the alleged identity behind a key without having some form of interaction through a secure channel (like real-world interaction). On Jun 7, 2013, at 3:53 PM, Florian Weimer f...@deneb.enyo.de wrote: Practically speaking, this is true.

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-07 Thread William Yager
We're starting to tread into very philosophical territory. I'd argue that users on the Silk Road (sellers especially) are, in fact, authenticated over very informal separate secure channels. One secure channel is that of the Silk Road website itself. By being on the website, it lends some

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Tony Arcieri
That's a really interesting idea. I'd love to read your paper when it's available. On Thu, Jun 6, 2013 at 10:31 AM, Ralph Holz h...@net.in.tum.de wrote: Hi, I am currently doing a write-up that dives into some of the more formal aspects of authentication. In particular, I am wondering when

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Jonathan Katz
Isn't it obvious? (I mean, there is some value in formalizing the model, but still...) Consider authentication of A to B. If there is nothing distinguishing (impersonator) Mallory from (honest) A, then anything A can do can also be done by Mallory. On Thu, Jun 6, 2013 at 1:31 PM, Ralph Holz

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Ethan Heilman
Consider authentication of A to B. If there is nothing distinguishing (impersonator) Mallory from (honest) A, then anything A can do can also be done by Mallory. You still need to know that you want to communicate with someone named Mallory, which is a piece of information that predates the

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Natanael
My suggestion is that you research the history of (cryptographic) authentication, mutual authentication (thanks Wikipedia for that phrase) and MITM. (Maybe you already have done that, though?) I can at least point out that spy agencies have known for many many decades that you can not securely

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Matthew Green
I assume you're talking about confidentiality and authenticity. If all you care about is authenticity then you can proceed under the assumption that the channel /may/ be authentic and then later perform the authentication to retrospectively authenticate it. This is obviously duh, but it's also

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Ethan Heilman
Consider a network of N nodes each given an id from 1 to N, each node uses a protocol where any message it receives it decrypts with its id. All messages get sent to every node instantly, and decryption has a very high cost. Node A wants to send a message to another node (node A just chooses an

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Wyss, Felix
Of Ethan Heilman Sent: Thursday, June 06, 2013 16:04 To: Matthew Green Cc: Crypto List Subject: Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel Consider a network of N nodes each given an id from 1 to N, each node uses a protocol where any message