public inbox for govpn-devel@lists.cypherpunks.ru
Atom feed
From: stargrave@stargrave•org
To: govpn-devel@lists.cypherpunks.ru
Subject: Re: [Govpn-devel] Security issues in protocol
Date: Mon, 4 May 2015 15:01:38 +0300 [thread overview]
Message-ID: <20150504120138.GA89764@stargrave.org> (raw)
In-Reply-To: <CACsn0cmneZx8pq76dApMvVCmq-zxPB1i8O8rxt9aRcsMjSwBEQ@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 587 bytes --]
*** Watson Ladd <watsonbladd@gmail•com> [2015-05-04 05:00]:
>This attack can be prevented by using Elligator, or by using
>alternative PAKE schemes which are proved to be secure such as SPAKE2.
Elligator encoding is applied to DH public key before its encryption in
development branch. So, as I clearly understand, we can not determine
successful decryption of public DH when guessing passwords.
Do you mind if I mention you on the Thanks page for your suggestion and
pointing this issue out? If so, should I specify your email address?
--
Happy hacking, Sergey Matveev
[-- Attachment #2: Type: application/pgp-signature, Size: 801 bytes --]
prev parent reply other threads:[~2015-05-04 12:03 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-04 1:59 [Govpn-devel] Security issues in protocol Watson Ladd
2015-05-04 7:57 ` stargrave
2015-05-04 12:01 ` stargrave [this message]