[messaging] MITM-safe communication w/o authentication possible?

Joseph Bonneau jbonneau at cs.stanford.edu
Sun Nov 29 13:35:15 PST 2015


On Sun, Nov 29, 2015 at 12:32 PM, U.Mutlu <for-gmane at mutluit.com> wrote:

> Hi all,
> Of course the communication must be encrypted against passive MITM,
> and must also detect active MITM.


If you want to detect, but not prevent, active MITM, there's the approach
of a central key server with a "transparency log" to ensure global
consistency. A MiTM attack fundamentally requires that the key server
returns inconsistent results, which you can try to make detectable.

CONIKS is a proposal for this:
http://www.jbonneau.com/doc/MBBFF15-coniks.pdf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20151129/d643ff9f/attachment.html>


More information about the Messaging mailing list