Questions tagged [diffie-hellman]
The Diffie–Hellman key agreement is an anonymous, non-authenticated key-agreement protocol.
286 questions
1
vote
1
answer
133
views
Kerberos Kinit: How is Diffie Hellman PKE with Ephemeral Keys Performed?
How is Diffie Hellman PKE with Ephemeral keys performed using Kerberos and KINIT? Has it been implemented yet in MIT or Heimdal Kerberos?
I think it might be RFC 9528. I ask because I can't seem to ...
0
votes
2
answers
231
views
Can I skip verifying server CA in mTLS if I don't need request confidentiality nor response integrity?
Consider this scenario in an HTTPS (m)TLS [*] request:
A trusted client sends a select query (the request) to a read-only database server
The server uses a self-signed certificate, so it is ...
3
votes
1
answer
545
views
Kerberos: authenticating and securing with 'pkinit' vs 'kinit'? Different threats for each?
What is the threat vector comparison using 'pkinit' (public-key) vs 'kinit' (password hash) with Kerberos for authentication and distribution of session keys (CK)? On Unix OS?
I'm finding the ...
3
votes
1
answer
450
views
Value of ECDH with ECIES
I am struggling to understand the value of ECIES in an offline message encryption scheme with shared static ECDH keys.
So if Bob and Alice each have a static public ECDH key stored in a directory.
Each ...
1
vote
2
answers
574
views
Can the WhatsApp servers really not read our messages?
As WhatsApp uses the Diffie-Hellman algorithm for a key exchange and SSL certification ensures the authenticity of its server for the end user like me.
As per my understanding, messages first have to go to ...
1
vote
0
answers
211
views
Mutual Authentication after ECDH Exchange with pre-shared secrets
I'm currently building a protocol in which two parties establish a connection via ECDH Key Establishment. The shared secret after ECDH is used to derive keys (with HKDF) for symmetric encryption.
...
1
vote
0
answers
130
views
Minimizing trust assumptions in Messaging Protocols
As I was listening to an interview yesterday, the journalist claimed that his Signal communications were being spied on by the NSA. Whether to believe him or not is subjective. Still, it is an ...
5
votes
1
answer
676
views
Why do you need random number for ECDH shared key computation
Let's assume that authentication with certificates has been well performed; the next step is to generate short-term private & public ECC keys for ECDH shared key computation.
Alice: Generates keyA with ...
0
votes
1
answer
1k
views
Why does the Public Key Info field in an X509 certificate for EC indicate the algorithm
The Subject Public Key Info field can have a value like ECDSA_P256 or ECDH_P256 when ECC is used.
Why is it not sufficient to specify "ECC_P256"? In other words, why is it not enough to ...
3
votes
1
answer
801
views
Benefits of the Double Ratchet protocol over the constant Ephemeral DH key exchange
I've been reading lately about the Double Ratchet protocol, how it works conceptually. I understand generally the idea behind the protocol, that it provides Forward Secrecy and Post-Compromise ...
2
votes
1
answer
243
views
DHE key exchange with p value 257 bytes but a pubkey of 256 bytes
I came across a packet capture in Wireshark where p length = 257 bytes and pubkey length = 256 bytes. See the ServerKeyExchange snip below:
Diffie-Hellman Server Params
p Length: 257
p: ...
6
votes
2
answers
12k
views
Why do I get the error "dh key too small" when the RSA key is 2048 bits?
When I try to connect to the site https://api-mte.itespp.org with OpenSSL (openssl s_client -connect api-mte.itespp.org:443 -brief), it complains that the DH key is too small. But when I analyze its ...
1
vote
2
answers
297
views
Evading authenticated diffie hellman with MITM
I understand that in a non-authenticated Diffie-Hellman setup, a man-in-the-middle attack can occur. Now I'm curious about the feasibility of the following scenario:
Let's assume a situation where www....
2
votes
2
answers
269
views
Can Fido2 hardware tokens be used for key agreement or Diffie-Hellman?
With Fido2 becoming more popular we see more and more affordable Fido2 hardware security keys on the market.
Can we use those tokens also for establishing a shared secret between two tokens?
I would ...
1
vote
0
answers
164
views
What are the ranges of values for DH parameter a and DH parameter b [closed]
I have discovered that the Diffie Hellman (DH) shared key is unequal in Apple Numbers, Google Sheets, and Mac Excel (2008).
In Section 1.0, the first try at a solution uses a small Prime to produce certain ...