[2120] in cryptography@c2.net mail archive
Re: Something really new??
daemon@ATHENA.MIT.EDU (Barney Wolff)
Fri Feb 6 16:09:18 1998
From: Barney Wolff <barney@databus.com>
To: cryptography@c2.net
Date: Fri, 6 Feb 1998 14:38 EST
On further thought, I'm not so sure that active attack can be prevented
as easily as all that.
Barney
> From: Barney Wolff <barney@databus.com>
> To: cryptography@c2.net
> Date: Fri, 6 Feb 1998 14:07 EST
> Subject: Re: Something really new??
> Content-Length: 905
>
> With all due respect, this seems like overkill. It's easy (and I would
> have thought obvious) to make this determination using existing
> algorithms. A and B each pick a large random number, say Ra and Rb, and
> exchange them. A computes a keyed hash of (A,Rb,Ra) and sends it to B,
> while B computes the hash of (B,Ra,Rb) and sends it to A.
>
> Iff the pairs of hashes match, both A and B know the same secret, but if
> the hashes do not match, nothing about the secret known to either side
> has been revealed, either to the other party or to any third party.
> Even if A and B do not trust each other, neither can gain anything by
> waiting to see the other's random or hash. An active attacker can
> pretend to be either side, which can be prevented by splitting the
> randoms. I didn't see anything in the "discovery" that would prevent
> active attacks.
>
> Ok, so what am I missing?
>
> Barney Wolff <barney@databus.com>
>
