<html><body><span class="xfm_22192323">I want to perform DH on the EC25519 and verify the secret using a short fingerprint (32 bits SAS). Typically in this case the commitment needed for preventing MitM by influence the responder's key after originator's key was received.  <br/>To be securely the following scheme instead commitment:<br/>first exchange parts of the keys (first 224 bits) and then the remaining 32 bits during second pass?<br/><br/></span><img src="https://mail.ukr.net/api/public/message_read?a=gKmgv9dJOFKr1qfkfopsNCLgD9YzHsbrVFJOfbjAIxCpei1Lt5WL_vBmkaGOcFv9xXRtWaid46LYmeQ0bqNo41zdzwCsUvBEicgkBvmAEw==" alt="" width="1" height="1" style="visibility: hidden; width: 1px; height: 1px;"/>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       </body></html>