anonymous DH & MITM
Eric Rescorla
ekr at rtfm.com
Wed Oct 1 19:27:20 EDT 2003
M Taylor <mctylr at privacy.nb.ca> writes:
> Stupid question I'm sure, but does TLS's anonymous DH protect against
> man-in-the-middle attacks? If so, how? I cannot figure out how it would,
> and it would seem TLS would be wide open to abuse without MITM protection so
> I cannot imagine it would be acceptable practice without some form of
> security.
It doesn't protect against MITM.
You could, however, use a static DH key and then client could
cache it as with SSH.
-Ekr
--
[Eric Rescorla ekr at rtfm.com]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list