[Botan-devel] Encrypt/Desencrypt the hash of SymmetricKey

Jack Lloyd lloyd at randombit.net
Wed Jun 29 15:31:13 EDT 2005


Hmmmm... I still don't get it. :)

When you complete the DH exchange, the two sides will share a session key,
there is no reason to encrypt anything in order to exchange the keys in DH. I
think what you are saying is you want to use the hash to verify that the two
sides have computed the same session key. I don't think this will work, because
anyone doing a MITM attack on your DH exchange can simply replace that hash at
the same time as they swap the keys around. And if A and B already know each
other's public key, then there is no danger of a MITM attack anyway (though
there *is* a danger there, in that with DH, the same two public keys will
always create the same session key). Which is why you then see protocols such
as MQV being used, to prevent issues like this.

Jack

On Wed, Jun 29, 2005 at 07:07:14PM +0200, Ruben Quintero Lores wrote:
> Hi Jack:
> 
> I want to do a simple DH session key exchange securily.
> Imagine I want comunicate two nodes A and B in a network both nodes have
> a DH key pair (public and private)
> Node A send the public key to B, B calculate the session symmetric key
> and need send to A. BUT I need it session key travel is secure hashing
> and encrypting it.
> 
> A can calculate the session symmetric key with public key of B and
> calculate the session symmetric key and both must have the same value.
> 
> I need only hash and encrypt a DHSymmetricKey to send the encripted hash
> through a comunication channel and whena node receive it the decrypt
> this hash and obtain the original session symmetric key.
> 
> I hope I explain better now.
> 
> Thank you very much,
> 
> Rub??n
> 
> El mi??, 29-06-2005 a las 12:38 -0400, Jack Lloyd escribi??:
> > To be honest I don't understand what you are trying to do. You have exchanged a
> > secret key with another party using DH, and now you want to send this key to a
> > third party (?).
> > 
> > -Jack
> > 
> > On Wed, Jun 29, 2005 at 05:01:11PM +0200, Ruben Quintero Lores wrote:
> > > Hi!!
> > > 
> > > I have a Diffie Hellmann Symmetric key, I need first obtain the hash and
> > > then encrypt this hash to send to another node.
> > > 
> > > How can I do it?? Some sample lines...
> > > 
> > > Help me please!!
> > > 
> > > Best regards,
> > > 
> > > Rub??n
> > > 
> > > _______________________________________________
> > > botan-devel mailing list
> > > botan-devel at randombit.net
> > > http://www.randombit.net/mailman/listinfo/botan-devel



More information about the botan-devel mailing list