CryptKit 0.9: cryptsock
Bryan
bryan at eevolved.com
Sun Dec 2 10:11:49 EST 2001
On Saturday 01 December 2001 10:36 pm, Paul Rubin wrote:
> Bryan <bryan at eevolved.com> writes:
> > When you say "shared secret key" do you mean that the remote and local
> > hosts both have a priori knowledge of the symmetric key? Or are you
> > referring to some other mutually shared token, like a password? If you
> > meant the latter, then I agree with you completely and you should see
> > that feature appear in the next release :)
>
> I mean a shared random symmetric key (i.e. something like 32 hex
> digits), known a priori to both ends. If it's a low entropy token
> like a password, you need a fairly complicated protocol like SRP to
> stop it from being found by dictionary attacks against recorded
> traffic. Including SRP (http://srp.stanford.edu) is a reasonable idea
> though, since it's good for other things as well.
Thanks for the link, it led me to research other password-based
key-agreement schemes. I found Authentication and Key Agreement via Memorable
Password (http://citeseer.nj.nec.com/kwon00authentication.html), which
claims to be the most efficient of all of them (EKE, PAK, SRP, GXY, AuthA).
I believe I will implement AMP. Your input would be appreciated.
--
<==================================>
Bryan Mongeau
eEvolved Real-Time Technologies Inc.
Website: http://www.eevolved.com
Public key: http://pgp.mit.edu
<==================================>
"Reality is merely an illusion, albeit a very persistent one."-- Einstein
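The point made in the quoted reply, as an added example that is not part of the original thread or of CryptKit: a recorded handshake keyed by a password lets anyone confirm guesses offline, while one keyed by a random 128-bit value does not. The naive challenge-response scheme, the function names and the word list are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets

def derive_key(password):
    # Assumed naive scheme: the symmetric key is a plain hash of the password.
    return hashlib.sha256(password.encode()).digest()

def respond(key, nonce):
    # The client proves knowledge of the key by MACing the server's nonce.
    return hmac.new(key, nonce, hashlib.sha256).digest()

def record_handshake(key):
    # What a passive eavesdropper keeps from one session: (nonce, response).
    nonce = secrets.token_bytes(16)
    return nonce, respond(key, nonce)

def transcript_confirms(transcript, candidate_key):
    # The recorded pair is enough to test a candidate key with no further
    # contact with either host. This is the property SRP-style protocols
    # are designed to remove.
    nonce, response = transcript
    return hmac.compare_digest(respond(candidate_key, nonce), response)

def offline_search(transcript, candidates):
    # Returns the first candidate password the transcript confirms, else None.
    for guess in candidates:
        if transcript_confirms(transcript, derive_key(guess)):
            return guess
    return None

# Constructed sample data, not taken from any real system.
WORDLIST = ["letmein", "hunter2", "python", "swordfish"]

def demo():
    # Session keyed by a low-entropy password: the transcript gives it away.
    weak = record_handshake(derive_key("swordfish"))
    # Session keyed by 16 random bytes (32 hex digits): the guess space is
    # 2**128 keys, so no word list or enumeration is practical.
    strong = record_handshake(secrets.token_bytes(16))
    return offline_search(weak, WORDLIST), offline_search(strong, WORDLIST)

if __name__ == "__main__":
    print(demo())
```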