James Muir wrote: > > You may already know that the current scheme has a security reduction > (Goldberg, PET 2006), so I imagine there would have to be a comparable > argument before the powers that be would consider a new scheme. > > Out of curiosity, what is it about your scheme that makes you say it is > insecure? > > -James Mike Perry had an MITM attack. It wasn't due to a problem with my proof but a problem in that what I proved wasn't sufficient to insure security. Basically Alice was performing DH with y the generator. So Eve could easily perform an MITM attack. And Eve can connect to Ricky easily. Still, a more efficient and still *secure* protocol would be a win.
Attachment:
signature.asc
Description: OpenPGP digital signature