It turns out that this was a very good way to advertise Bellovin-Merrit's work. So I got no single answer to whether an implementation exists or about its potential usability within SSL. Instead I got eight personal messages asking for the reference to the papers. There are two papers on this subject by these authors. They call the technique "encrypted key exchange". The first paper appeared in Oakland conference 1992, the second in ACM Security 1993. I found an on-line version of both papers under http://www.alw.nih.gov/Security/first-papers.html Look for the phrase "encrypted key exchange" (the papers are NOT listed under the "password" section of that page). Anyway, if anyone has an answer to my previous posting I'll be glad to hear. HugoReceived on Wednesday, 27 November 1996 16:19:47 EST
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:54 EDT