[messaging] Can a pre-shared public key prevent MITM-attacks?

U.Mutlu for-gmane at mutluit.com
Mon Dec 7 16:46:58 PST 2015

Justin King-Lacroix wrote on 12/07/2015 02:52 PM:
> No. Even in principle, this is essentially impossible -- two parties with
> no relationship basically can't communicate securely.
> There are lots of approaches to the problem, but they all involve breaking
> the 'no relationship' constraint. PKI -- and thus iMessage, WhatsApp --
> does it by introducing a well-known trusted third-party. PGP / Web of Trust
> does it by relying on social graphs. OTR and SSH leave it up to you: they
> show you the key fingerprint, and it's up to you to work out whether it's
> the right one.
> But in general, the problem you're describing has no solution.

This is like an unexpected cold shower for me, but I think there
has to be, ought to be, a solution, and I'm optimistic about it.
It should be a call, a challenge, for all doing research in crypto
to find the "final solution" to this problem.

> (Once you've exchanged keys, of course, there are a multitude of ways to
> create a secure channel on that basis. But you need to exchange keys
> somehow first.)
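The distinction the quoted reply draws, between deriving a shared secret and knowing whose key you derived it from, can be shown in a few lines. The following is an added illustration, not code from either poster: it runs a toy Diffie-Hellman exchange once over an honest network and once through an active attacker who swaps in her own public value, then applies the check OTR and SSH delegate to the user, comparing the fingerprint of the key actually received against the fingerprint the peer pre-shared over a trusted channel. The group parameters, party names and the `Mallory` relay are assumptions made for the example; the prime is far too small to be secure and exists only so the code runs instantly.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group (assumption for this example): a Mersenne prime and
# a small generator. Real deployments use standardised groups or elliptic curves.
P = (1 << 127) - 1
G = 5


def keypair():
    """Return (private exponent, public value) for the toy group."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def fingerprint(pub):
    """Short hash of a public value, the kind SSH and OTR display to the user."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


def shared_secret(priv, peer_pub):
    return pow(peer_pub, priv, P)


class Mallory:
    """Active attacker on the path: replaces every public value with her own."""

    def __init__(self):
        self.priv, self.pub = keypair()
        self.captured = []

    def relay(self, pub):
        self.captured.append(pub)
        return self.pub

    def secrets(self):
        # One secret per party she intercepted; each matches that party's own.
        return [shared_secret(self.priv, p) for p in self.captured]


def exchange(relay):
    """Run one exchange; `relay(pub)` models what the network delivers.

    Returns each party's derived secret, the fingerprint each party saw, and
    the fingerprint each party expects (the peer's real key, pre-shared
    out-of-band), so the caller can apply the verification step afterwards.
    """
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    pub_seen_by_bob = relay(a_pub)
    pub_seen_by_alice = relay(b_pub)
    return {
        "alice_secret": shared_secret(a_priv, pub_seen_by_alice),
        "bob_secret": shared_secret(b_priv, pub_seen_by_bob),
        "alice_saw": fingerprint(pub_seen_by_alice),
        "alice_expects": fingerprint(b_pub),
        "bob_saw": fingerprint(pub_seen_by_bob),
        "bob_expects": fingerprint(a_pub),
    }


def honest_run():
    return exchange(lambda pub: pub)


def mitm_run():
    m = Mallory()
    result = exchange(m.relay)
    result["mallory_secrets"] = m.secrets()
    return result


def verified(result):
    """The out-of-band check: received fingerprints match pre-shared ones."""
    return (result["alice_saw"] == result["alice_expects"]
            and result["bob_saw"] == result["bob_expects"])


if __name__ == "__main__":
    h, m = honest_run(), mitm_run()
    print("honest: secrets agree =", h["alice_secret"] == h["bob_secret"],
          "fingerprints verified =", verified(h))
    print("mitm:   secrets agree =", m["alice_secret"] == m["bob_secret"],
          "fingerprints verified =", verified(m))
```

Without the fingerprint comparison both runs look identical to Alice and Bob: each ends up with a secret and a working channel. The pre-shared fingerprint is what turns the substituted key into a detectable mismatch, which is exactly the "relationship" the reply says every scheme has to smuggle in somewhere.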


