Re: [cryptography] Information-theoretic cryptography for the masses
On 2013-06-25 16:25, Tom Ritter wrote: > From a high level view this looks like it provides similar features as > OTR + OTR's SMP. Which works pretty well. Thanks. Couple of points I worry about: - Does the KS actually provide reasonable entropy? How can one measure whether it really performs as advertised? When to terminate the protocol? And so on. We still are "at least as good as RSA", though. - Alice and Bob mutually depend on the quality of each others' one-time RSA keys. Can this be somehow helped? > > Well, actually, I have to say it works 'okay' because in practice I > have to run SMP a couple of times with my partner until we hit upon > the identical punctuation, capitalization, and question to which we > both have the same unambiguous answer. Yeah, it can be pretty annoying but I currently don't know of a better mutual auth protocol :( Could be helped with a bit of "text normalization" applied by both parties' software, I guess. > > -tom > smime.p7s Description: S/MIME Cryptographic Signature ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Information-theoretic cryptography for the masses
>From a high level view this looks like it provides similar features as OTR + OTR's SMP. Which works pretty well. Well, actually, I have to say it works 'okay' because in practice I have to run SMP a couple of times with my partner until we hit upon the identical punctuation, capitalization, and question to which we both have the same unambiguous answer. -tom ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] Information-theoretic cryptography for the masses
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi everyone, It has come to my mind that you can combine SMP (socialist millionaires protocol) and Kish-Sethuraman protocol to get a protocol which is both IT-secure and can be bootstrapped without all the key management burden. So, I tried to outline the way how exactly they should be combined and what properties will the resulting construction have. You can read the draft of the article here: http://tvori.info/people/wizzard/writings/2013/nikitin-mits-draft.pdf Since this is both my first TeX article and first contribution to the cryptography field, any feedback is greatly appreciated. Thanks! - -- Oleksandr Nikitin -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlHJNjgACgkQQ8onw7QNnbjI2QCfYFlUk9LE9NQxihJanoYOFszZ B4sAnigFggmUyIIQZOUctF7hvYyxpuHs =X4LU -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography