[Cryptography] Silly Diffie-Hellman question using XOR
Sandy Harris
sandyinchina at gmail.com
Wed Mar 5 22:28:26 EST 2014
realcr <realcr at gmail.com> wrote:
> I don't have much theoretic knowledge about using Diffie Hellman,
One introduction is here:
http://en.citizendium.org/wiki/Diffie-Hellman
> however I
> think it has the advantage of being useful even when
> there is no signing or authentication scheme in the background.
Not exactly. You can do DH without authentication, e.g. see
http://datatracker.ietf.org/doc/rfc5386/
That is secure against passive eavesdroppers.
However, to resist active attacks (the enemy can alter packets
or send his own), you need authentication. It does you no
good at all to communicate securely so that only the
recipient can read things if you do not know who that
recipient is,
More information about the cryptography
mailing list