[cryptography] binding to channel params to prevent MITM

travis+ml-rbcryptography at subspacefield.org travis+ml-rbcryptography at subspacefield.org
Sat Dec 4 15:50:43 EST 2010


Hey I don't know what it's called, but I'm wondering how one binds a
challenge/response (or whatever you authenticate with) inside a secure
tunnel to prevent the peer from relaying it on to another party to
answer.

I assume it could be as simple as signing a nonce and some parameter
of the channel (such as an ephemeral key) and sending that (or something
derived from it) as the challenge, but curious what the options and
tradeoffs are.
-- 
Good code works on most inputs; correct code works on all inputs.
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/ 
If you are a spammer, please email john at subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20101204/25142042/attachment.asc>


More information about the cryptography mailing list