Making asymmetric cryptosystems work with assigned public keys?
Nimmi Srivastav
Apologies if this is OT.
Is there a solution for asymmetric cryptography (using public and
private keys) between two end points (say Point A and Point B) when
Point A does not have the liberty to choose its own public key but is
forced by a third party, that wants to exercise administrative rights,
to use an assigned public key? Is it still possible to establish
secure communication between the two end points, A and B, such that
the third party (that wants to exercise administrative rights) cannot
decipher the communication?
Thanks,
Nimmi
Ronny Schuetz
You could use the keys for example for authentication only and use the
Diffie-Hellman key exchange protocol [1] to generate the session key to
communicate securely.
Ronny
[1] http://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
Kristian Gjųsteen
>Is it still possible to establish
>secure communication between the two end points, A and B, such that
>the third party (that wants to exercise administrative rights) cannot
>decipher the communication?
If someone else knows A's private keys, then that someone else can always
impersonate A.
One method is to let A and B have signing keys, then use a signed
Diffie-Hellman key exchange to establish session keys.
PS. Followup-To set to sci.crypt.
--
Kristian Gjųsteen
CWhizard
B and C has A's private key, then C can impersonate A.
As far as sucure communicatiosn go once authentication is through, DH is
probably the easiest PKE to impliment.
You could always generate your own public/private key pairs.
"Nimmi Srivastav" <nimmi_s...@yahoo.com> wrote in message
news:4fbac648-0b9a-4240...@m73g2000hsh.googlegroups.com...
CBFalconer
>
> For authentication, there is no way around it. If A encrypts
> something for B and C has A's private key, then C can impersonate
> A. As far as sucure communicatiosn go once authentication is
> through, DH is probably the easiest PKE to impliment.
>
> You could always generate your own public/private key pairs.
Please do not top-post. Your answer belongs after (or intermixed
with) the quoted material to which you reply, after snipping all
irrelevant material. This has lost all connection to previous
messages. See the following links:
--
<http://www.catb.org/~esr/faqs/smart-questions.html>
<http://www.caliburn.nl/topposting.html>
<http://www.netmeister.org/news/learn2quote.html>
<http://cfaj.freeshell.org/google/> (taming google)
<http://members.fortunecity.com/nnqweb/> (newusers)
** Posted from http://www.teranews.com **
CWhizard
sufficiently beaten. If you don;t like it then complain to microsoft.
"CBFalconer" <cbfal...@yahoo.com> wrote in message
news:484B7009...@yahoo.com...
Phil Carmody
fool who blames software for his own shortcomings:
> "CBFalconer" <cbfal...@yahoo.com> wrote in message
> news:484B7009...@yahoo.com...
>> CWhizard wrote:
>>>
>>> For authentication, there is no way around it. If A encrypts
>>> something for B and C has A's private key, then C can impersonate
>>> A. As far as sucure communicatiosn go once authentication is
>>> through, DH is probably the easiest PKE to impliment.
>>>
>>> You could always generate your own public/private key pairs.
>>
>> Please do not top-post. Your answer belongs after (or intermixed
>> with) the quoted material to which you reply, after snipping all
>> irrelevant material. This has lost all connection to previous
>> messages. See the following links:
> Please do not post inane rants about top posting. That dead horse has been
> sufficiently beaten. If you don;t like it then complain to microsoft.
A) It wasn't inane, it's addressing a pertinent issue.
B) While there are fools like you around, the horse has not been
sufficiently beaten.
C) It's the humans that use the programs that are doing the top-posting.
it's trivial to move a cursor. Therefore the humans who top-post
are the ones who should be complained to.
Phil
--
Dear aunt, let's set so double the killer delete select all.
-- Microsoft voice recognition live demonstration
Alf P. Steinbach
> Please do not post inane rants about top posting. That dead horse has been
> sufficiently beaten. If you don;t like it then complain to microsoft.
Try installing OE QuoteFix if you absolutely must use Outlook Express.
Note that Outlook Express is unable to present digitally signed correctly, and
mangles code lines when posting.
It's not really a good idea to use OE.
Cheers, & hth.,
- Alf
--
A: Because it messes up the order in which people normally read text.
Q: Why is it such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?
Phlip
anyway!
> Try installing OE QuoteFix if you absolutely must use Outlook Express.
Richard Heathfield
> Please do not post inane rants about top posting.
You have not demonstrated that the post was either inane or a rant.
> That dead horse has been sufficiently beaten.
Clearly not, since you haven't got the message yet.
> If you don;t like it then complain to microsoft.
When some bozo parks his Mondeo right outside your house, blocking you in, do
you complain to Ford? It's hardly the manufacturer's fault if the user is too
stupid to use the product properly.
--
Richard Heathfield <http://www.cpax.org.uk>
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999
rossum
>Please do not post inane rants about top posting. That dead horse has been
>sufficiently beaten. If you don;t like it then complain to microsoft.
As you have no doubt noticed, this thread is copied to sci.crypt.
Discussion in that newsgroup can get somewhat, erm..., robust at
times.
However, even if robust the discussion is usually correct. Please do
not top post; either learn to use OE properly or get a better
newsreader.
rossum
CBFalconer
>
> Please do not post inane rants about top posting. That dead
> horse has been sufficiently beaten. If you don;t like it then
> complain to microsoft.
PLONK. Bye.
--
[mail]: Chuck F (cbfalconer at maineline dot net)
[page]: <http://cbfalconer.home.att.net>
Try the download section.