James A. Donald writes:
> In all public key solutions,
> the public keys are used to set up a symmetric key that is not subject to
> dictionary attacks.
False. A public key solution that chose bad
symmetric keys would be subject to dictionary
attacks and much more.
> It is probably possible to set up a system with properties similar to those
> that I outlined using nothing but symmetric key cryptography, though it
> would be more complex, hence harder to
> understand and harder to get right.
FSVO "more".
> Existing symmetric key solutions (Kerberos) are vulnerable to
> dictionary attack
This is a ludicrous strawman. People choose
dictionary attackable symmetric keys, not
Kerberos.
Talk about babies and bathwater...
Mike
- Re: [SIP] Re: SIP gateways and authentication Michael Thomas
- Re: [SIP] Re: SIP gateways and authentication Paul Krumviede
- Re: [SIP] Re: SIP gateways and authentication Henning Schulzrinne
- Re: [SIP] Re: SIP gateways and authentication Michael Thomas
- Re: [SIP] Re: SIP gateways and authentication James A. Donald
- Re: [SIP] Re: SIP gateways and authentication Michael Thomas
- RE: [SIP] Re: SIP gateways and authentication Henry Sinnreich
- Re: [SIP] Re: SIP gateways and authentication Jonathan Trostle
- RE: [SIP] Re: SIP gateways and authentication Brian Stucker
- Re: [SIP] Re: SIP gateways and authentication James A. Donald
- Re: [SIP] Re: SIP gateways and authentication Michael Thomas
- Re: [SIP] Re: SIP gateways and authentication James A. Donald
- Re: [SIP] Re: SIP gateways and authentication Jonathan Trostle
- RE: [SIP] Re: SIP gateways and authentication Maddux, Michel
- Re: [SIP] Re: SIP gateways and authentication James A. Donald
