On Sun, 28 May 1995, Simon J. Gerraty wrote:
> > > Has there been a better way developed to encrypt telnet session without
> > > compromising the keys???
> >
> > Just use some form of PKE. Send the Public keys over the insecure
> > channel and then encrypt the data streams with different keys.
>
> That's what I did - added TELOPT_PKE to do RSA based exchange of DES
> keys. Works very nicely - requires no admin at all - all keys are
> one use only... but is vulnerable to man in the middle attacks.
By man-in-the-middle attacks here you mean an attack in which the
interloper would intercept both Alice and Bob's keys and then generate a
spurious set of keys which he would forward to Alice and Bob.
He would forward all transmissions to Alice and Bob, but at the same
time, since he generated the keys, reads the messages passing between
them, right?
Ok, so why not use some sort of Zero Knowledge Authentication?
Ben.
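
The exchange discussed in this thread, as an added example that is not part of the original posts and is not the TELOPT_PKE code: a client wraps a one-use session key under whatever public key arrives on the wire, and a substituted key is only noticed when the client checks it against a fingerprint obtained out of band. Assumptions: the function names are hypothetical, the RSA is a textbook toy with tiny constructed primes, and fingerprint pinning stands in as one way to authenticate the key (it is not the zero-knowledge scheme asked about above).

```python
import hashlib

# Toy textbook RSA with tiny constructed primes: illustration only, not secure.
def make_keypair(p, q, e=17):
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))        # (public, private)

def wrap(pub, session_key):
    n, e = pub
    return pow(session_key, e, n)

def unwrap(priv, blob):
    n, d = priv
    return pow(blob, d, n)

def fingerprint(pub):
    # Short digest of the public key, compared against a value learned out of band.
    return hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).hexdigest()[:16]

def exchange(pub_as_received, session_key, pinned_fp=None):
    """Client side: wrap a one-use session key under the key that arrived.
    With a pinned fingerprint, refuse any key that does not match it."""
    if pinned_fp is not None and fingerprint(pub_as_received) != pinned_fp:
        raise ValueError("public key does not match pinned fingerprint")
    return wrap(pub_as_received, session_key)

def demo():
    bob_pub, bob_priv = make_keypair(61, 53)        # constructed sample keys
    relay_pub, relay_priv = make_keypair(89, 97)    # key substituted in transit
    session_key = 1234                              # constructed sample value
    # No authentication: the client accepts the substituted key, so the
    # relay recovers the session key and can re-wrap it for Bob unnoticed.
    relay_reads = unwrap(relay_priv, exchange(relay_pub, session_key))
    bob_reads = unwrap(bob_priv, wrap(bob_pub, relay_reads))
    # With pinning: the same substituted key is rejected before any wrap.
    try:
        exchange(relay_pub, session_key, pinned_fp=fingerprint(bob_pub))
        detected = False
    except ValueError:
        detected = True
    return relay_reads, bob_reads, detected

if __name__ == "__main__":
    print(demo())
```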