[14761] in cryptography@c2.net mail archive
Re: A-B-a-b encryption
daemon@ATHENA.MIT.EDU (Tim Dierks)
Sun Nov 16 19:33:28 2003
X-Original-To: cryptography@metzdowd.com
Date: Sun, 16 Nov 2003 10:06:27 -0500
To: martin f krafft <madduck@madduck.net>,
crypto list <cryptography@metzdowd.com>
From: Tim Dierks <tim@dierks.org>
In-Reply-To: <20031114081925.GA11764@piper.madduck.net>
At 03:19 AM 11/14/2003, martin f krafft wrote:
>it came up lately in a discussion, and I couldn't put a name to it:
>a means to use symmetric crypto without exchanging keys:
>
> - Alice encrypts M with key A and sends it to Bob
> - Bob encrypts A(M) with key B and sends it to Alice
> - Alice decrypts B(A(M)) with key A, leaving B(M), sends it to Bob
> - Bob decrypts B(M) with key B leaving him with M.
>
>Are there algorithms for this already? What's the scheme called?
>I searched Schneier (non-extensively) but couldn't find a reference.
I don't know what it's called, but it's vulnerable to man-in-the-middle
unless you've got some way to authenticate the parties (because Alice has
no way to tell if she's decrypting Bob's B(A(m)) or Mallet's M(A(m))).
And if you've got some way to authenticate the parties (a shared secret or
a public key or something), it's probably easier to leverage that into an
encryption key.
- Tim
PS - I'm looking for a full-time job. My resume is at
http://www.dierks.org/tim/resume.html . Looking for architecture or
technical management jobs; I'm in New York, NY, but I am willing to relocate.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
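
Added example (not part of Tim Dierks's message or of the thread): the four-step exchange from the quoted question, run with a commutative cipher chosen here as an assumption (exponentiation modulo a prime; the thread names no algorithm), to show that Alice performs identical steps whether Bob or Mallet answers. The names keygen, lock, unlock and three_pass, the modulus and the sample message are made up for this sketch.

```python
import secrets
from math import gcd

# Assumption: a toy commutative cipher, E_k(m) = m^e mod P. The thread does
# not say which cipher is meant; any cipher where layers commute would do.
P = 2**127 - 1  # Mersenne prime, illustration-sized modulus


def keygen():
    """Return (e, d) with e*d == 1 mod (P-1), so (m^e)^d == m mod P."""
    while True:
        e = secrets.randbelow(P - 3) + 2
        if gcd(e, P - 1) == 1:
            return e, pow(e, -1, P - 1)


def lock(m, key):
    """Add one encryption layer."""
    return pow(m, key[0], P)


def unlock(c, key):
    """Strip the layer that belongs to `key`, whatever other layers remain."""
    return pow(c, key[1], P)


def three_pass(message, responder_key):
    """Run A-B-a-b with whoever holds responder_key on the other end.

    Alice's two steps use only her own key and the bytes she receives, so
    nothing here depends on who the responder is.
    """
    a = keygen()
    msg1 = lock(message, a)            # Alice -> wire: A(M)
    msg2 = lock(msg1, responder_key)   # wire -> Alice: X(A(M)), X unknown to her
    msg3 = unlock(msg2, a)             # Alice -> wire: X(M)
    return unlock(msg3, responder_key)  # responder recovers M


def demo():
    m = int.from_bytes(b"meet at noon", "big")  # constructed sample message
    bob, mallet = keygen(), keygen()
    # Same call, same steps on Alice's side; only the responder differs.
    return m, three_pass(m, bob), three_pass(m, mallet)


if __name__ == "__main__":
    m, via_bob, via_mallet = demo()
    print("Bob recovers M:   ", via_bob == m)
    print("Mallet recovers M:", via_mallet == m)
```

Both runs succeed because the second message carries no evidence of whose key produced it, which is the authentication gap the reply points out.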