[Cryptography] How to build trust in crypto (was:recommending ChaCha20 instead of RC4)

Bear bear at sonic.net
Tue Mar 18 15:34:38 EDT 2014

On Tue, 2014-03-18 at 14:09 +0100, Guido Witmond wrote:

> D-H creates a secure channel against passive eavesdropping. D-H does not
> protect against active MitM attacks.

One could however do D-H over the Interlock protocol, and reduce our 
MITM to a simple endpoint.


If Bob and Alice are using D-H over Interlock, then Mallory can have 
an interaction with either of them while pretending to be the other, 
but he cannot find any way to allow them to have an interaction with
each other which he can observe - ie, he cannot "pass through" messages.
And this is true whether or not Bob and Alice have ever met.

I believe that is very important for privacy purposes.  It raises the
bar substantially for the attacker.  It doesn't solve authentication, 
but it establishes forward security and goes a long way toward
eliminating eavesdropping.


More information about the cryptography mailing list