--
James A. Donald writes:
> > In all public key solutions,the public keys are used to set up a
> > symmetric key that is not subject to dictionary attacks.
At 09:32 AM 9/1/2000 -0700, Michael Thomas wrote:
> False. A public key solution that chose bad symmetric keys would be
> subject to dictionary attacks and much more.
All existing public key protocols, for example https, generate ephemeral
computer generated symmetric keys that are invulnerable to dictionary attack.
The SPEKE protocol, the various EKE protocols and the PGP phone protocol
also generate ephemeral computer generated private keys that are
invulnerable to dictionary attack, as well as generating ephemeral computer
generated symmetric keys that are invulnerable to dictionary attack.
James A. Donald:
> > Existing symmetric key solutions (Kerberos) are vulnerable to
> > dictionary attack
Michael Thomas
> This is a ludicrous strawman.
This is a simple fact, as has been proven by experiment. Once again, I
point you to http://theory.stanford.edu/~tjw/krbpass.html
> People choose dictionary attackable symmetric keys, not Kerberos.
People will always choose such passphrases. Kerberos allows the
attack. Modern systems do not.
Modern systems, such as SPEKE, are secure even when people choose such
passwords, as they almost always do.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
UP7kKPgsDeT0+7xcZCaBx+MpR1w99cX8FWDKmH3Z
4/komD2VbLq1nRMs2vSomlGd1IBRC+OkbOsQGFW6x
