From owner-freebsd-security  Mon Feb 27 10:05:00 1995
Return-Path: security-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id KAA00518 for security-outgoing; Mon, 27 Feb 1995 10:05:00 -0800
Received: from cs.weber.edu (cs.weber.edu [137.190.16.16]) by freefall.cdrom.com (8.6.9/8.6.6) with SMTP id KAA00512; Mon, 27 Feb 1995 10:04:57 -0800
Received: by cs.weber.edu (4.1/SMI-4.1.1)
	id AA02322; Mon, 27 Feb 95 10:57:33 MST
From: terry@cs.weber.edu (Terry Lambert)
Message-Id: <9502271757.AA02322@cs.weber.edu>
Subject: Re: key exchange for rlogin/telnet services?
To: pst@Shockwave.COM (Paul Traina)
Date: Mon, 27 Feb 95 10:57:33 MST
Cc: mycroft@ai.mit.edu, hackers@freefall.cdrom.com,
        security@freefall.cdrom.com
In-Reply-To: <199502271728.JAA03786@precipice.Shockwave.COM> from "Paul Traina" at Feb 27, 95 09:28:51 am
X-Mailer: ELM [version 2.4dev PL52]
Sender: security-owner@FreeBSD.org
Precedence: bulk

> Hence the disclaimer in front... can you go any further than "take this with
> 3 grains of salt?"
> 
> I'll go dig out my copy of applied crypto and see where I went wrong, but
> I was almost positive you needed to use RSA to bootstrap the initial
> secret exchange.

[ ... ]

>   Diffie-Hellman key exchange has no relation to RSA public key
>   encryption.

I thought (well, RSA thinks) that the RSA patents cover *all* known
public key encryption techniques?

Diffie-Hellman requires public key for the initial exchange, and is
in fact a technique for secure exchange of keys.

I thought it was also patented by PKP/RSA?


					Terry Lambert
					terry@cs.weber.edu
---
Any opinions in this posting are my own and not those of my present
or previous employers.