On Mon, Jan 30, 2012 at 4:52 PM, Stephen Kent <[email protected]> wrote: > At 2:57 PM -0500 1/30/12, Brian Dickson wrote: >> >> There are other kinds of encryption as well, which involve shared >> keys, or in case of DH, random session keys with neither party >> having/needing the other's key material. > > > not true. DH key agreement requires that each party receive the public > key of the other, in order to compute a shared secret.
In DH, each side generates a random (per-session) private key, and computes _a_ public key (which is exchanged), off of that private key . Here's the thing - the "public key" in DH is not pre-published, nor is it re-used. It is a one-use, fire-and-forget object, as are the private key and shared key. This is different from a published (public) key material a la PKI. PKI keys are longer-lived and multiple-use. In DH, neither party has the other's key _before_ they start their DH exchange. That was my point. Sorry for not making that more obvious. Brian _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
