Scare tactic?

Ivan Krstić krstic at
Thu Sep 20 08:08:32 EDT 2007

On Sep 19, 2007, at 5:01 PM, Nash Foster wrote:
> Any actual cryptographers care to comment on this? I don't feel
> qualified to judge.

If the affected software is doing DH with a malicious/compromised  
peer, the peer can make it arrive at a predictable secret -- which  
would be known to some passive listener. But hey, if the peer is  
malicious or compromised to begin with, it could just as well do DH  
normally and explicitly send the secret to the listener when it's  
done. Not much to see here.

Ivan Krstić <krstic at> |
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list