[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: comments on draft-ietf-ipsec-isakmp-oakley-06.txt
D. Hugh Redelmeier writes:
> Section 1, in describing SKEME says:
>
> [Kra96] (SKEME) describes a versatile key exchange technique which
> provides anonymity, repudiability, and quick key refreshment.
>
> I don't know SKEME,
Per Sec. 13:
[Kra96] Krawczyk, H., "SKEME: A Versatile Secure Key Exchange
Mechanism for Internet", from IEEE Proceedings of the 1996 Symposium
on Network and Distributed Systems Security.
> but claiming repudiability seems odd.
I'm not following your line of reasoning here.
> Perhaps "non-repudiability" is meant.
Nope. Here's an excerpt from the end of Sec. 5.2 that discusses this
feature of the protocol:
>>> Using encryption for authentication provides for a plausably deniable
>>> exchange. There is no proof (as with a digital signature) that the
>>> conversation ever took place since each party can completely
>>> reconstruct both sides of the exchange. In addition, security is
>>> added to secret generation since an attacker would have to
>>> successfully break not only the Diffie-Hellman exchange but also
>>> both RSA encryptions. This exchange was motivated by [Kra96].
-Lewis <pseudonym@acm.org> <http://www.cs.umass.edu/~lmccarth>
References: