> Alice: > Token = H(bob's PK XOR my PK + session key) > Send Token + H(bob's PK + token) > > Bob: > If gets it all right, accept it and send IV > If gets H(bob's PK + token) right (he sent token, we know our > own PK), we know he knows our key, so send a hangup byte (and go > to inbound neg with no known session) > If gets it all wrong, close the connection
What about replay attacks? Ian. -- Ian Clarke [EMAIL PROTECTED] Coordinator, The Freenet Project http://freenetproject.org/ Founder, Locutus http://locut.us/ Personal Homepage http://locut.us/ian/
pgp00000.pgp
Description: PGP signature
