ESP Unix encrypted session protocol software

Thomas Grant Edwards tedwards at src.umd.edu
Mon Jan 30 11:23:32 PST 1995


On Mon, 30 Jan 1995, Matt Blaze wrote:

> And if you had a trusted secure key
> store on the remote host, you wouldn't really need to use Diffie-Hellman
> to establish the session key in the first place, since you could just
> store each user's pre-established session key in advance.

Right - using DH exchange is probably appropriate in situations where
there is no pre-established credentials for the party on the other
machine.  Inter-domain authentication while possible in theory is not
often carried out to any great extent in reality.  Companies don't trust
each other, or at least are not concerned by this lack of security for
inter-domain communications. 

-Thomas







More information about the cypherpunks-legacy mailing list