anonymous DH & MITM
Benja Fallenstein
b.fallenstein at gmx.de
Fri Oct 3 13:23:24 EDT 2003
Hi,
bear wrote:
>>>>starting with Rivest & Shamir's Interlock Protocol from 1984.
>>>
>>>Hmmm. I'll go read, and thanks for the pointer.
>
> Perhaps I spoke too soon? It's not in Eurocrypt or Crypto 84 or 85,
> which are on my shelf. Where was it published?
Communications of the ACM: Rivest and
Shamir, "How to expose an eavesdropper", CACM vol 24 issue 4, 1984. If
you have an ACM Digital Library account, it's at
http://portal.acm.org/ft_gateway.cfm?id=358053&type=pdf&coll=ACM&dl=ACM&CFID=12683735&CFTOKEN=40809148
I've started writing a short summary earlier today, after reading, but
then I got distracted and didn't have time... sorry :) Hope this helps
anyway.
The basic idea is that Alice sends *half* of her ciphertext, then Bob
*half* of his, then Alice sends the other half and Bob sends the other
half (each step is started only after the previous one was completed).
The point is that having only half of the first ciphertext, Mitch can't
decrypt it, and thus not pass on the correct thing to Bob in the first
step and to Alice in the second, so both can actually be sure to have
the public key of the person that made the other move.
- Benja
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list