Enzo Michelangeli (em@who.net)
Tue, 27 Oct 1998 08:38:11 +0800
-----Original Message-----
From: David R. Conrad <drc@adni.net>
To: CodherPlunks@toad.com <CodherPlunks@toad.com>
Date: Tuesday, October 27, 1998 1:40 AM
Subject: Java applet security, exportability, Jon Postel haiku
[...]
>In summary (thanks for reading this far):
>
>Protocol: variant of DH, 1024-bit modulus from Photuris draft, g=2
>Server: has fixed 800-bit x, X = g^x mod n is precomputed
>Client: has X built in at compile-time, harvests entropy for y
> computes Y = g^y mod n, K = SHA1(k = X^y mod n)
> send message Y|E_K(M1)
>Server: receives Y|E_K(M1), computes K = SHA1(k = Y^x mod n)
> decrypts E_K(M1), sends reply E_K(M2)
>Client: decrypts E_K(M2)
>
>Questions:
[...]
>4) What symmetric cypher would you recommend I use?
Avoid IDEA, it's patented in many countries. I would stick to ole
3DES-EDE-ECB, especially if you don't have large amounts of data to
bulk-encrypt.
BTW, you may want to have a look at ANSI X9.42 or, if you can't get a copy,
at:
http://www.ietf.org/internet-drafts/draft-ietf-smime-x942-00.txt
written by Eric Rescorla:
Abstract: This document standardizes one particular Diffie-Hellman variant,
based on the ANSI X9.42 standard, developed by the ANSI X9F1 working
group. An algorithm for converting the shared secret into an arbitrary
amount of keying material is provided. In addition, a standard group
that meets the X9.42 requirements is provided.
That draft, for KEK, considers DES-ECB, 3DES-EDE-ECB and RC2.
Enzo
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:22