Re: [Govpn-devel] Security issues in protocol

public inbox for govpn-devel@lists.cypherpunks.ru
Atom feed

From: stargrave@stargrave•org
To: govpn-devel@lists.cypherpunks.ru
Subject: Re: [Govpn-devel] Security issues in protocol
Date: Mon, 4 May 2015 15:01:38 +0300	[thread overview]
Message-ID: <20150504120138.GA89764@stargrave.org> (raw)
In-Reply-To: <CACsn0cmneZx8pq76dApMvVCmq-zxPB1i8O8rxt9aRcsMjSwBEQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 587 bytes --]

*** Watson Ladd <watsonbladd@gmail•com> [2015-05-04 05:00]:
>This attack can be prevented by using Elligator, or by using
>alternative PAKE schemes which are proved to be secure such as SPAKE2.

Elligator encoding is applied to DH public key before its encryption in
development branch. So, as I clearly understand, we can not determine
successful decryption of public DH when guessing passwords.

Do you mind if I mention you on the Thanks page for your suggestion and
pointing this issue out? If so, should I specify your email address?

-- 
Happy hacking, Sergey Matveev

[-- Attachment #2: Type: application/pgp-signature, Size: 801 bytes --]

     prev parent reply	other threads:[~2015-05-04 12:03 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-05-04  1:59 [Govpn-devel] Security issues in protocol Watson Ladd
2015-05-04  7:57 ` stargrave
2015-05-04 12:01 ` stargrave [this message]