[Cryptography] Phishing Attacks - Alice, HAL and Bob

Thierry Moreau thierry.moreau at connotech.com
Tue Jun 28 17:25:21 EDT 2016

On 28/06/16 11:38 AM, Joseph Kilcullen wrote:
> I would appreciate some feedback on this.
> Thanks
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography

Do I need to apologize for being a little bit rude? After all, you seem 
to insist.

Unrealistic assumptions about elements on which a practical solution may 
be based:

"The final solution proposed is a mixed strategy of
(1) a user-browser shared secret to facilitate extending TLS, for Alice 
to authenticate Bob,
(2) standardisation of the login process via a browser created login window,
(3) using central banks as Trent for financial institutions and
(4) utilisation of common knowledge and education to guide Alice through 
the process i.e. to prevent phishing attacks Alice must fulfil her role 
and authenticate Bob."

No need to read any further for me.

- Thierry

More information about the cryptography mailing list