[14466] in cryptography@c2.net mail archive
Re: DH with shared secret
daemon@ATHENA.MIT.EDU (Anton Stiglic)
Fri Oct 3 14:22:40 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Anton Stiglic" <astiglic@okiok.com>
To: "Jack Lloyd" <lloyd@randombit.net>, <cryptography@metzdowd.com>
Date: Fri, 3 Oct 2003 13:58:13 -0400
----- Original Message -----
From: "Jack Lloyd" <lloyd@randombit.net>
To: <cryptography@metzdowd.com>
Sent: Friday, October 03, 2003 5:13 AM
Subject: DH with shared secret
> This was just something that popped into my head a while back, and I was
> wondering if this works like I think it does. And who came up with it
> before me, because it's was too obvious. It's just that I've never heard
of
> something alone these lines before.
>
> Basically, you share some secret with someone else (call it S). Then you
> do a standard issue DH exchange, but instead of the shared key being
> g^(xy), it's g^(xyS)
Not exactly the same thing, but you get the same properties: SKEME.
See section 3.3.2, Pre-shared key and PFS, of
SKEME: A Versatile Secure Key Exchange Mechanism for internet,
Hugo Krawczyk.
http://citeseer.nj.nec.com/krawczyk96skeme.html
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
