[Cryptography] Non-Authenticated Key Agreement
Philipp Gühring
pg at futureware.at
Wed Sep 23 14:04:11 EDT 2015
Hi,
Diffie-Hellman has one (from my point of view) important, non-obvious and
seemingly largely unknown security property:
It protects both parties from an insecure key resulting from the protocol,
if and only if they follow their part of the protocol correctly.
If Alice originally creates an insecure variable d (data), e.g. due to bad
random number generator, or due to some other problem,
then Bob will end up with an insecure key, although he followed your
protocol correctly.
Diffie-Hellman makes sure that both parties end up with a secure key d if
at least any one of them has a secure random number generator and follows
the protocol correctly.
Best regards,
Philipp Gühring
More information about the cryptography
mailing list