Making asymmetric cryptosystems work with assigned public keys?

Discussion:

(too old to reply)

Nimmi Srivastav

2008-06-06 21:40:20 UTC

Hi,

Apologies if this is OT.

Is there a solution for asymmetric cryptography (using public and
private keys) between two end points (say Point A and Point B) when
Point A does not have the liberty to choose its own public key but is
forced by a third party, that wants to exercise administrative rights,
to use an assigned public key? Is it still possible to establish
secure communication between the two end points, A and B, such that
the third party (that wants to exercise administrative rights) cannot
decipher the communication?

Thanks,
Nimmi

Ronny Schuetz

2008-06-06 22:20:35 UTC

Permalink

Hi,

Post by Nimmi Srivastav
Is there a solution for asymmetric cryptography (using public and
private keys) between two end points (say Point A and Point B) when
Point A does not have the liberty to choose its own public key but is
forced by a third party, that wants to exercise administrative rights,
to use an assigned public key? Is it still possible to establish
secure communication between the two end points, A and B, such that
the third party (that wants to exercise administrative rights) cannot
decipher the communication?

You could use the keys for example for authentication only and use the
Diffie-Hellman key exchange protocol [1] to generate the session key to
communicate securely.

Ronny

[1] http://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange

Kristian Gjøsteen

2008-06-07 08:34:10 UTC

Permalink

Post by Nimmi Srivastav
Is it still possible to establish
secure communication between the two end points, A and B, such that
the third party (that wants to exercise administrative rights) cannot
decipher the communication?

If someone else knows A's private keys, then that someone else can always
impersonate A.

One method is to let A and B have signing keys, then use a signed
Diffie-Hellman key exchange to establish session keys.

PS. Followup-To set to sci.crypt.

--
Kristian Gjøsteen

CWhizard

2008-06-08 05:28:11 UTC

Permalink

For authentication, there is no way around it. If A encrypts something for
B and C has A's private key, then C can impersonate A.

As far as sucure communicatiosn go once authentication is through, DH is
probably the easiest PKE to impliment.

You could always generate your own public/private key pairs.

Post by Nimmi Srivastav
Hi,
Apologies if this is OT.
Is there a solution for asymmetric cryptography (using public and
private keys) between two end points (say Point A and Point B) when
Point A does not have the liberty to choose its own public key but is
forced by a third party, that wants to exercise administrative rights,
to use an assigned public key? Is it still possible to establish
secure communication between the two end points, A and B, such that
the third party (that wants to exercise administrative rights) cannot
decipher the communication?
Thanks,
Nimmi

CBFalconer

2008-06-08 05:37:13 UTC

Permalink

Post by CWhizard
For authentication, there is no way around it. If A encrypts
something for B and C has A's private key, then C can impersonate
A. As far as sucure communicatiosn go once authentication is
through, DH is probably the easiest PKE to impliment.
You could always generate your own public/private key pairs.

--
<http://www.catb.org/~esr/faqs/smart-questions.html>
<http://www.caliburn.nl/topposting.html>
<http://www.netmeister.org/news/learn2quote.html>
<http://cfaj.freeshell.org/google/> (taming google)
<http://members.fortunecity.com/nnqweb/> (newusers)

** Posted from http://www.teranews.com **

CWhizard

2008-06-15 15:47:45 UTC

Permalink

Please do not post inane rants about top posting. That dead horse has been
sufficiently beaten. If you don;t like it then complain to microsoft.

Post by CBFalconer

Please do not top-post. Your answer belongs after (or intermixed
with) the quoted material to which you reply, after snipping all
irrelevant material. This has lost all connection to previous
--
<http://www.catb.org/~esr/faqs/smart-questions.html>
<http://www.caliburn.nl/topposting.html>
<http://www.netmeister.org/news/learn2quote.html>
<http://cfaj.freeshell.org/google/> (taming google)
<http://members.fortunecity.com/nnqweb/> (newusers)
** Posted from http://www.teranews.com **

Phil Carmody

2008-06-15 16:47:48 UTC

Permalink

Post by CWhizard

Post by CBFalconer

Please do not top-post. Your answer belongs after (or intermixed
with) the quoted material to which you reply, after snipping all
irrelevant material. This has lost all connection to previous

Please do not post inane rants about top posting. That dead horse has been
sufficiently beaten. If you don;t like it then complain to microsoft.

A) It wasn't inane, it's addressing a pertinent issue.
B) While there are fools like you around, the horse has not been
sufficiently beaten.
C) It's the humans that use the programs that are doing the top-posting.
it's trivial to move a cursor. Therefore the humans who top-post
are the ones who should be complained to.

Phil

--
Dear aunt, let's set so double the killer delete select all.
-- Microsoft voice recognition live demonstration

Alf P. Steinbach

2008-06-15 17:03:07 UTC

Permalink

Post by CWhizard
Please do not post inane rants about top posting. That dead horse has been
sufficiently beaten. If you don;t like it then complain to microsoft.

Try installing OE QuoteFix if you absolutely must use Outlook Express.

Note that Outlook Express is unable to present digitally signed correctly, and
mangles code lines when posting.

It's not really a good idea to use OE.

Cheers, & hth.,

- Alf

--
A: Because it messes up the order in which people normally read text.
Q: Why is it such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?

Phlip

2008-06-15 17:24:07 UTC

Permalink

But I'm a total wiener, and I insist on top-posting - and cross posting -
anyway!

Post by Alf P. Steinbach
Try installing OE QuoteFix if you absolutely must use Outlook Express.

--
Phlip
http://assert2.rubyforge.org/assert_yin_yang.html

Richard Heathfield

2008-06-15 17:40:41 UTC

Permalink

Post by CWhizard
Please do not post inane rants about top posting.

You have not demonstrated that the post was either inane or a rant.

Post by CWhizard
That dead horse has been sufficiently beaten.

Clearly not, since you haven't got the message yet.

Post by CWhizard
If you don;t like it then complain to microsoft.

When some bozo parks his Mondeo right outside your house, blocking you in, do
you complain to Ford? It's hardly the manufacturer's fault if the user is too
stupid to use the product properly.

--
Richard Heathfield <http://www.cpax.org.uk>
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999

rossum

2008-06-15 19:19:13 UTC

Permalink

Post by CWhizard
Please do not post inane rants about top posting. That dead horse has been
sufficiently beaten. If you don;t like it then complain to microsoft.

As you have no doubt noticed, this thread is copied to sci.crypt.
Discussion in that newsgroup can get somewhat, erm..., robust at
times.

However, even if robust the discussion is usually correct. Please do
not top post; either learn to use OE properly or get a better
newsreader.

rossum

CBFalconer

2008-06-16 01:15:34 UTC

Permalink

Post by CWhizard
Please do not post inane rants about top posting. That dead
horse has been sufficiently beaten. If you don;t like it then
complain to microsoft.

... snip ...

PLONK. Bye.

--
[mail]: Chuck F (cbfalconer at maineline dot net)
[page]: <http://cbfalconer.home.att.net>
Try the download section.

** Posted from http://www.teranews.com **