Earlier, smb@research.att.com wrote:
There's also Rivest and Shamir's Interlock Protocol (April '84 CACM). Davies and Price suggest using it for authentication, but Mike Merritt and I showed that that doesn't work under certain circumstances.
Diffie, Wiener et al. in "Authentication and Authenticated Key Exchanges" (Designs, Codes and Cryptography, 2, 1992) discuss the need to combine key exchange and authentication, amongst other things. Anyway, the upshot is that a Station To Station protocol is developed and discussed which is based on the original D-H system. Damn, I don't have the paper with me, so I'm not sure whether third party certification is needed. The accompanying discussion, relating to secure protocol requirements and so on, struck me as quite good at the time IMHO.

Matthew.
--
Matthew Gream, ph: (02)-821-2043 M.Gream@uts.edu.au.