Dave Howe wrote: > I think this is part of the > purpose behind the following paper: > http://eprint.iacr.org/2004/229.pdf > which I am currently trying to understand and failing miserably at *sigh* Nope, finally strugged to the end to find a section pointing out that it does *not* prevent mitm attacks. Anyone seen a paper on a scheme that does?