top | item 26977949

Diffie-Hellman for the layman

21 points| boris1 | 4 years ago |borisreitman.medium.com

8 comments

1cvmask|4 years ago

Professor Diffie was the teacher of Taher Elgamal who helped create the Elgamal algorithm and SSL.

https://en.wikipedia.org/wiki/ElGamal_encryption

https://en.wikipedia.org/wiki/ElGamal_signature_scheme

https://en.wikipedia.org/wiki/Taher_Elgamal

loudouncodes|4 years ago

Um, he starts in 1976, then says ‘21 years later’ and he’s talking about today? He’s 20 years off in his opening premise...

boris1|4 years ago

Thanks, gonna fix it.

boris1|4 years ago

I've now implemented folder encryption. If you encrypt folder 'foo', you get the file 'foo.encrypted'. When you decrypt it using the same tool, you get file 'foo.zip' which you download and uncompress into a folder 'foo'.

davidhyde|4 years ago

> “ When WhatsApp was pressured to leave a backdoor into the encryption, it said “no” but instead agreed to log and report all dubious communication before it is encrypted. ”

Huh, I did not know that!

avmich|4 years ago

So this doesn't unfortunately work with a man in the middle?

That is, how email exchange can be guaranteed to work properly, and MITM won't insert his email in the middle of the process?

spekcular|4 years ago

Yes, exactly. This is why real-world systems additionally include some kind of authentication protocol.

Reference: https://en.wikipedia.org/wiki/Man-in-the-middle_attack#Authe...

boris1|4 years ago

The check digits solve the MITM problem. You should compare them by another channel than email, such as text message. This is called "Short Authentication String" (SAS).