Secure key exchange
Perry E. Metzger
pmetzger at shearson.com
Mon Nov 30 11:49:21 PST 1992
>From: Eric Hughes <hughes at soda.berkeley.edu>
>>There is no secure method of exchanging public keys using only the
>>net. [spoofing, etc.]
>As mentioned by Hal, the new PGP 2.1 (imminent) has a feature to
>create an hash or a public key which can be read over the telephone to
>make sure that a key transmitted electronically has not been altered
>in transmission.
Just to point out, though, this is not foolproof. A good impressionist
can fool people, especially if they are extremely skilled. A person
with Rich Little's or Peter Sellers' level of skill can sound
astonishingly like the original person (although a sound spectrograph
isn't fooled, other humans can be).
Perry
More information about the cypherpunks-legacy
mailing list