[messaging] MITM-safe communication w/o authentication possible?

Natanael natanael.l at gmail.com
Sun Nov 29 16:00:21 PST 2015

On 30 Nov 2015 00:53, "Ethan Heilman" <eth3rs at gmail.com> wrote:

> I agree with what you argue here. I also agree that the system I
> described does not work for most typical communication use cases but
> the question was:
> >"if it can be possible, _at least theoretically_, to have a MITM-secure
> > internet channel without the use of PKI".
> The answer is both yes it is theoretically possible and yes there are
> atypical but real use cases.
> Am I correct in my understanding that .onion addresses work this way?

No, they're hashes of public keys. Self authenticating. The distribution of
the name is itself the PKI mechanism.

> I would also expect that this could be useful for:
> 1. self-organizing sensor networks,

Under what threat model?

> 2. pseudonymous internet forums (user A wants to send a message to the
> user that wrote post X, user A doesn't care about that user's 'true
> name'),

Doesn't help against plagiarism or other forgery. See the method on winning
against chess grandmasters - make yourself the proxy in between two chess
grandmasters who both see your name and don't know who they really are
playing against.

In other words, stripping out attribution and substituting your own is

> 3. and cryptocurrency transactions.

Same as Tor, self authenticating addresses.
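
An added illustration of the self-authenticating names discussed above (not part of the original message, and not code from Tor): it derives a name the way v2 .onion addresses did at the time of this thread (base32 of the first 80 bits of SHA-1 over the encoded public key) and shows that a substituted key fails the check while a substituted name does not. The function names and the key byte strings are hypothetical stand-ins.

```python
import base64
import hashlib
import hmac


def onion_v2_name(pubkey_der: bytes) -> str:
    """Name = base32 of the first 80 bits of SHA-1 over the encoded public key."""
    digest = hashlib.sha1(pubkey_der).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower() + ".onion"


def key_matches_name(name: str, presented_key_der: bytes) -> bool:
    """Client-side check: does the key offered on the wire hash to the name we dialed?"""
    expected = onion_v2_name(presented_key_der)
    return hmac.compare_digest(expected.encode(), name.strip().lower().encode())


# Constructed stand-ins for DER-encoded RSA public keys (not real keys).
SERVICE_KEY = b"constructed-service-public-key-bytes"
MITM_KEY = b"constructed-attacker-public-key-bytes"


def demo() -> dict:
    name = onion_v2_name(SERVICE_KEY)
    return {
        "name": name,
        # The genuine service presents the key the name was derived from.
        "genuine": key_matches_name(name, SERVICE_KEY),
        # A man in the middle presenting a different key is rejected.
        "substituted_key": key_matches_name(name, MITM_KEY),
        # If the *name* itself was replaced before the user obtained it, the
        # check passes for the wrong party: name distribution carries the trust.
        "substituted_name": key_matches_name(onion_v2_name(MITM_KEY), MITM_KEY),
    }


if __name__ == "__main__":
    for field, value in demo().items():
        print(f"{field}: {value}")
```
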