[87808] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: Secure phone

daemon@ATHENA.MIT.EDU (Bill Frantz)
Tue Oct 7 03:19:03 1997

In-Reply-To: <199710061757.SAA01293@server.test.net>
Date: Mon, 6 Oct 1997 21:22:21 -0700
To: Adam Back <aba@dcs.ex.ac.uk>
From: Bill Frantz <frantz@netcom.com>
Cc: eb@comsec.com, cypherpunks@Algebra.COM
Reply-To: Bill Frantz <frantz@netcom.com>

At 10:57 AM -0700 10/6/97, Adam Back wrote:
>Bill Frantz <frantz@netcom.com> writes:
>> At 6:25 PM -0700 10/5/97, Adam Back wrote:
>> >On the other hand, using persistent key public key crypto, Tim has
>> >been signing his posts recently, and I have an ancient public key of
>> >his stashed away which his new key is signed with.  If we were able to
>> >construct a protocol to bolt on top of the reading of hashes, we could
>> >have much greater protection against MITM.
>>
>> Of course if you can use PGP as well as the secure phone, you can use PGP
>> to exchange a pad of one-time passwords.
>
>The passwords alone don't do you any good: if you read them out over
>the phone, Eve can just repeat them.

One simple possibility is to send out ten word groups.  Use each group only
once.  Use the words to encode the key hash display.


-------------------------------------------------------------------------
Bill Frantz       | Internal surveillance      | Periwinkle -- Consulting
(408)356-8506     | helped make the USSR the   | 16345 Englewood Ave.
frantz@netcom.com | nation it is today.        | Los Gatos, CA 95032, USA



home help back first fref pref prev next nref lref last post