"U.Mutlu" <[email protected]> writes: > I wonder if it can be possible, at least theoretically, to have a > MITM-secure internet channel without the use of PKI and/or > persistent password (ie. w/o authentication, like in the telephone network)? > Of course the communication must be encrypted against passive MITM, > and must also detect active MITM. > Does anybody know of such a protocol, info, papers etc.?

This paper seems relevant:

https://eprint.iacr.org/2013/410.pdf

The abstract says:

"PnP-IPsec builds on Self-validated Public Data Distribution (SvPDD), a protocol that we present to establish secure connections between remote peers/networks, without depending on pre-distributed keys or certification infrastructure. Instead, SvPDD uses available anonymous communication infrastructures such as Tor, which we show to allow detection of MitM attacker interfering with communication. SvPDD may also be used in other scenarios lacking secure public key distribution, such as the initial connection to an SSH server."

Cheers,
David
