> One thing I don't follow though is Scott's insistence that you cannot securely
> swap any symmetric key that you want with DH key exchange. Everything that I
> have read (which admittedly is not copious quantities) indicates that you get
> to choose your symmetric key depending on what kind of encryption method
> you select to use on the stream. Can't the shared secret that is derived from
> the public and private keys on both nodes be used to encrypt and exchange any
> value for the symmetric key that you want?

That's your problem. DH is not a PK key exchange system. It's an anonymous system that will securely exchange a *random* key between two anonymous parties.

> idea to use a random key to foil traffic analysis, is that all that is being
> said?
> Or is it the fact that the DH key swapping is not secure when you have low
> entropy keys (i.e. knowing something about the key makes it *way* easier
> to find out the full key)?

Nah.
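
The exchange discussed in this thread, as an added example that is not part of the original message or of the project's code: both sides end up with the same value, which depends on both private exponents, and a symmetric key is then derived from it with HKDF-SHA256. The demo group (p = 2**255 - 19, g = 2) and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Demo group only (assumption for this example): p = 2**255 - 19 is prime, g = 2.
# Real deployments use a vetted group or an elliptic-curve exchange.
P = 2**255 - 19
G = 2

def keypair(private=None):
    """Return (private exponent x, public value g^x mod p)."""
    x = private if private is not None else 2 + secrets.randbelow(P - 3)
    return x, pow(G, x, P)

def shared_secret(my_private, peer_public):
    """Value both sides can compute: peer_public^my_private mod p."""
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, my_private, P)

def derive_key(secret, info, length=32):
    """HKDF-SHA256 (RFC 5869) over the DH output: zero salt, one output block."""
    if length > 32:
        raise ValueError("single-block HKDF yields at most 32 bytes")
    ikm = secret.to_bytes((P.bit_length() + 7) // 8, "big")
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm = hmac.new(prk, info + b"\x01", hashlib.sha256).digest()
    return okm[:length]

def exchange(a_private=None, b_private=None, info=b"demo stream key"):
    """Run both sides and return the symmetric key each one ends up with."""
    a, A = keypair(a_private)
    b, B = keypair(b_private)
    # Only A and B cross the wire; nothing in them identifies the sender.
    key_a = derive_key(shared_secret(a, B), info)
    key_b = derive_key(shared_secret(b, A), info)
    return key_a, key_b

if __name__ == "__main__":
    ka, kb = exchange()
    print("keys match:", ka == kb)
    print("derived key:", ka.hex())
```
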
