[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] netsync transport encryption?

From: Richard Levitte - VMS Whacker
Subject: Re: [Monotone-devel] netsync transport encryption?
Date: Wed, 25 Oct 2006 14:41:36 +0200 (CEST)

In message <address@hidden> on Wed, 25 Oct 2006 14:28:56 +0200, Dirk Hillbrecht 
<address@hidden> said:

dh> Hi,
dh> Cem Karan wrote:
dh> > Poking through the Botan sources, I saw that it supports AES all the
dh> > way through 256 bit keys, and there seems to be support for the
dh> > various modes of encryption (CBC, CFB, etc.), so once the session keys
dh> > are setup, the rest should be pretty easy. [...]
dh> The question is what you want: Encryption or authentication. If you want
dh> a full-blown authentication, than a public key scheme as outlined is
dh> needed. If you, however, only want an encrypted connection (and
dh> authenticate the remote site by other means), then a simple
dh> Diffie-Hellman-key-exchange at the beginning would be sufficient for
dh> setting up the symmetric key. Diffie-Hellman allows to create a secret
dh> session key between two parties through an unencrypted connection
dh> without any third person being able to steal the key - even if that Eve
dh> listens to the complete data traffic. Pretty slick.

monotone already does authentication.  Encryption would therefore
merely be an add-on.


Please consider sponsoring my work on free software.
See for details.

Richard Levitte                         address@hidden

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis

reply via email to

[Prev in Thread] Current Thread [Next in Thread]