Re: Secure comm program, Sockets + LINK
My concerns about two way authentication become clear when you concider the LINK+sockets program a substitute for rsh, rexec, login or similar programs. You don't want to be spoofed, and you don't want others using your account. When you are using LINK in the way it was originaly designed, you more or less *have* authentication in both directions. From you to it since discovering a private key given a public key is concidered hard. From it to you since *presumably* the only user able to read the key file on the shared machine is you. The bootstrap problem (how you get the public key to the machine with only unsecure chanels at your disposal) is interesting though. I wonder if it can be solved without DH key exchange? j'
jpp@markv.com says:
The bootstrap problem (how you get the public key to the machine with only unsecure chanels at your disposal) is interesting though. I wonder if it can be solved without DH key exchange?
You can't even solve the problem with DH key exchange -- you are subject to "man in the middle" attacks. You must share SOME information via a secure channel in order to have both authentication and privacy on a channel. However, the information exchanged could be small and fairly one-time -- like the public key of a trusted entity that signs other public keys. Perry
participants (2)
-
jpp@markv.com
-
Perry E. Metzger