[RC5] 40 bit encryption, and what about implementation

Jeroen v.d.burg at planet.nl
Sat Mar 16 21:35:43 EST 2002


Men in the middle means you think your connected to the server but
you aren't really, you are connected to another 'evil'system and that
one is connected to the server.
So when the server sends you his key, the evilsystem can replace it
by his key, so when you send data the evilsystem encrypts it and
decrypts it with the server key.
This way the evilsystem can change or log all information send.
The thing with certificates does work, i forget about it :-)


*********** REPLY SEPARATOR  ***********

On 3/17/2002 at 1:07 AM Orthanc wrote:

>the basic principle of public-private encryptuion is that it doesn't
>matter
>if anyone knows your public key, Only the 2 public keys are transmitted and
>so intercepting these does not help crack the encryption.
>
>Orthanc
>----- Original Message -----
>From: "Jeroen" <v.d.burg at planet.nl>
>To: <rc5 at lists.distributed.net>
>Sent: Saturday, March 16, 2002 9:22 PM
>Subject: Re: [RC5] 40 bit encryption, and what about implementation
>
>
>> If i visit a website with 40 bit encryption, how do i know the site's key
>and how does the site mine?
>> If there is a man in the middle attack, the key can be 2^40 bit long :-)
>but still insecure.
>>
>>
>> --
>> To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
>> rc5-digest subscribers replace rc5 with rc5-digest
>>
>>
>--
>To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
>rc5-digest subscribers replace rc5 with rc5-digest



--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list