[14438] in cryptography@c2.net mail archive
Re: anonymous DH & MITM
daemon@ATHENA.MIT.EDU (Tim Dierks)
Thu Oct 2 16:04:21 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 02 Oct 2003 15:35:12 -0400
To: "Cryptography list" <cryptography@metzdowd.com>
From: Tim Dierks <tim@dierks.org>
Cc: "Zooko O'Whielacronx" <zooko@zooko.com>
In-Reply-To: <E1A55kZ-0004Ud-00@localhost>
At 11:52 AM 10/2/2003, Zooko O'Whielacronx wrote:
> Bear wrote:
> > You can have anonymous protocols that aren't open be immune to MITM
> > And you can have open protocols that aren't anonymous be immune to
> > MITM. But you can't have both.
>
>I'd like to see the proof.
>
>I think it depends on what you mean by "MITM". Take the Chess Grandmaster
>Problem: can Alice and Bob play a game of chess against one another while
>preventing Mitch (the Man In The CHannel) from "proxying" their moves to one
>another while taking the credit for being a good chess player?
I think it's a tautology: there's no such thing as MITM if there's no such
thing as identity. You're talking to the person you're talking to, and
that's all you know.
Re: your chess problem, I think the reason it's not applicable is because
the concept of "Alice" and "Bob", as distinct from "Mitch", has no role in
an anonymous protocol: Alice completing a chess move with Mitch is just as
valid as completing one with Bob.
- Tim
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
