--
At 06:16 PM 7/20/2000 -0400, David Jablon wrote:
> This is a solved problem, under slightly different assumptions.
At 07:34 AM 7/20/00 -0700, James A. Donald wrote:
> > One can achieve almost the same effect by having transient user
> > keys separate from the user logon key, random keys which randomly
> > generated by the users client software and authenticated by the
> > server, but this exposes the client to man in the middle attack
> > from the server, and only works for instant messaging and for
> > transactions that either fail or complete within a single logon
> > session at the server.
David Jablon
> I'm not sure what method you have in mind, but there are several
> ways to do achieve goals [1] and [2] without MITM attack. The
> general model works like this:
>
> Using a password-authenticated key exchange, the client proves
> knowledge of p to a server that knows f(p) (a special one way
> transformation of p) and derives a mutually authenticated session
> key K.
>
> The client then retrieves q through the channel encrypted with K,
> and then combines p and q to re-create the private key.
James A. Donald:
The problem is that I assume that people find each other's IP and transient
public key through the server. I also assume the user's computer is
insecure, the user is ignorant and careless about security and the user may
change computers from time to time. Thus his public key has to be
transitory. Thus the server can mount a man in the middle attack.
If some portion of the user's public key stayed on the server, and did not
get dowloaded to the client, we could have a non transitory public key,
which would have considerable advantages, among them, that it would
increase the likelyhood that a man in the middle attack would be detected.
If, however, the high strength secret key maintained by the server gets
downloaded, sooner or later it will leak. Infrequent leaks are only
tolerable if the keys are transitory.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
vhTypOK53ouqsiHj4iAOBNID5Vn4u+pWD3W+v16R
4hKCHFQRtQxRuio0X40b4sCMiCvf+St4abG3AXU8H
