Date: Tue, 09 Mar 2010 22:16:12 -0800 From: perryh@pluto.rain.com To: Olivier.Nicole@cs.ait.ac.th Cc: freebsd-questions@freebsd.org Subject: Re: [OT] ssh security Message-ID: <4b97392c.O1yEWWCVzta4T7fL%perryh@pluto.rain.com> In-Reply-To: <201003090848.o298mBSN079005@banyan.cs.ait.ac.th> References: <532b03711003071325j9ab3c98u703b31abdc7ea8fe@mail.gmail.com> <4b960747.T7FO5AkwXJGAGApg%perryh@pluto.rain.com> <201003090848.o298mBSN079005@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
Olivier Nicole <Olivier.Nicole@cs.ait.ac.th> wrote: > > What happened to Diffie-Hellman? Last I heard, its whole > > point was to enable secure communication, protected from both > > eavesdropping and MIM attacks, between systems having no prior > > trust relationship (e.g. any sort of pre-shared secret) ... > > I am not expert in cryptography ... Nor am I > but logic tends to tell me that is I have no prior knowledge about > the person I am about to talk to, anybody (MIM) could pretend to > be that person. > > The pre-shared information need not to be secret ... but there is > need for pre-shared trusted information. Er, if the pre-shared information is not secret, how can I be sure that the person presenting it is in fact my intended correspondent and not a MIM? My impression is that Diffie-Hellman (somehow) solves this sort of problem.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4b97392c.O1yEWWCVzta4T7fL%perryh>