<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Nov 29, 2015 at 12:32 PM, U.Mutlu <span dir="ltr"><<a href="mailto:for-gmane@mutluit.com" target="_blank">for-gmane@mutluit.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Hi all,<br>
Of course the communication must be encrypted against passive MITM,<br>
and must also detect active MITM.</blockquote><div><br></div><div style="font-size:12.8px">If you want to detect, but not prevent, active MITM, there's the approach of a central key server with a "transparency log" to ensure global consistency. A MiTM attack fundamentally requires that the key server returns inconsistent results, which you can try to make detectable.</div><div style="font-size:12.8px"><br></div><div><span style="font-size:12.8px">CONIKS is a proposal for this: </span><a href="http://www.jbonneau.com/doc/MBBFF15-coniks.pdf" target="_blank" style="font-size:12.8px">http://www.jbonneau.com/doc/MBBFF15-coniks.pdf</a> </div></div></div></div>