Hi BU,
bustao...@cryptolounge.net wrote:
> Perhaps my question is related to Michaels question, but above removing A, X,
> Y and server ID leaves the possibility of a person-in-the-middle who by
> manipulating public keys (resend 2A, instead of A, 2X instead of X, 2Y instead
> of Y) can force two
Hi Michael,
Michael Rogers wrote:
> If we're concerned with the server choosing its public material in such
> a way as to bias the entropy extraction, does that mean that in this
> case, the attacker is the server, and therefore the server's public
> material shouldn't be included in the salt?