[17004] in cryptography@c2.net mail archive
Re: I'll show you mine if you show me, er, mine
daemon@ATHENA.MIT.EDU (Dan Kaminsky)
Sat Mar 5 10:29:54 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 03 Mar 2005 16:43:21 -0800
From: Dan Kaminsky <dan@doxpara.com>
To: Jerrold Leichter <jerrold.leichter@smarts.com>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>,
cryptography@metzdowd.com, cypherpunks@al-qaeda.net,
rah@shipwright.com
In-Reply-To: <Pine.SOL.4.61.0503031730220.378@frame>
>The description has virtually nothing to do with the actual algorithm
>proposed. Follow the link in the article - http://www.stealth-attacks.info/ -
>for an actual - if informal - description.
>
>
There is no actual description publically available (there are three
completely different protocols described in the press). I talked to the
author about this; he sent me a fourth, somewhat reasonable document.
At *best*, this is something akin to SRP with the server constantly
proving its true nature with every character (yes, shoulder surfers get
to attack keys one at a time). It could get pretty bad though, so
rather than support it or bash it, I'd just reserve judgement until it's
publically documented at Financial Crypto.
--Dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
