[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Elementary fact on cryptographic security

To: multi6@ops.ietf.org
Subject: Elementary fact on cryptographic security
From: masataka ohta <mohta@necom830.hpcl.titech.ac.jp>
Date: Mon, 03 Nov 2003 17:34:33 +0900
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)

A elementary fact on cryptographic security is that related parties
must be securely configured in advance with some information on keys.

Otherwise, a system is, as is exemplified by DH key exchange, subject
to MITM attack.

However, there are people trying to make something impossible possible
by complicated engineering.

Some of them ignore laws of thermodynamics and try to invent
complicated perpetual motion machines.

Others write complicated drafts with plain DNS to supply signatures
of insecure public keys to improve security ignoring the fact that
plain DNS is an easy victim of the MITM attack.

						Masataka Ohta

PS

The next obvious step for them is autocnfiguration of secure DNS. :-)

Prev by Date: Re: about draft-ohta-multihomed-isps-00.txt
Next by Date: RE: Preserving established communications (was RE: about draft-nordmark-multi6-noid-00)
Previous by thread: about draft-ohta-multihomed-isps-00.txt
Next by thread: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
Index(es):
- Date
- Thread