Re: [Hampshire] Ssh/sftp/scp vulnerability

Author: Andrew McDonald
Date:  
To: hampshire
Subject: Re: [Hampshire] Ssh/sftp/scp vulnerability

gpg: Signature made Thu Apr 10 18:03:31 2008 BST
gpg: using DSA key FCBBA9C8F2DEED36
On Thu, Apr 10, 2008 at 03:31:44PM +0100, Hugo Mills wrote:
>    If I recall correctly, ssh uses Diffie-Hellman key exchange by
> default. This is a cryptographic protocol based on the same
> mathematics used by RSA. It allows two people who have never met to
> exchange keys in a way that prevents anyone else from finding those
> keys.


D-H relies on the discrete logarithm problem, RSA depends on the
problem of factoring large numbers[*].

>    From distant memory, DH key exchange also manages to have some
> protection against man-in-the-middle attacks (but I could be wrong
> about that -- my crypto books are at home).


D-H doesn't provide any protection against an active man in the middle.
(That's why D&H had their 'public file' concept for publishing public
keys, which was then developed into the idea of certificates.)


[*] Not "factoring large prime numbers" as often misquoted. That's
easy. :-)
--
Andrew McDonald
E-mail: andrew@???
http://www.mcdonald.org.uk/andrew/
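
The point made in the message above, that plain D-H gives no protection against an active party on the wire and that a trusted "public file" of public values is what closes the gap, worked through as an added example (not part of the original post). The group parameters, the function names and the `public_file` dictionary are assumptions made for illustration; the 127-bit prime is far too small for real use.

```python
import secrets

# Toy group, constructed for illustration only (not a secure size).
P = 2**127 - 1   # Mersenne prime M127
G = 3

def keypair():
    """Return (private exponent, public value G^priv mod P)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared(priv, peer_pub):
    """Shared secret derived from our exponent and the peer's public value."""
    return pow(peer_pub, priv, P)

def run(intercepted, use_public_file):
    """One Alice<->Bob exchange, optionally with both public values replaced
    in transit, optionally checked against a trusted public file."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    w_priv, w_pub = keypair()   # the party sitting on the wire

    # Stand-in for D&H's 'public file': values published out of band.
    public_file = {"alice": a_pub, "bob": b_pub}

    # What each endpoint actually receives from the network.
    seen_by_alice = w_pub if intercepted else b_pub
    seen_by_bob = w_pub if intercepted else a_pub

    if use_public_file:
        # Authentication step: received value must match the published one.
        if seen_by_alice != public_file["bob"] or seen_by_bob != public_file["alice"]:
            return {"accepted": False}

    k_alice = shared(a_priv, seen_by_alice)
    k_bob = shared(b_priv, seen_by_bob)
    return {
        "accepted": True,
        "endpoints_agree": k_alice == k_bob,
        "wire_knows_alice_key": shared(w_priv, a_pub) == k_alice,
        "wire_knows_bob_key": shared(w_priv, b_pub) == k_bob,
    }

if __name__ == "__main__":
    for intercepted in (False, True):
        for use_file in (False, True):
            print(intercepted, use_file, run(intercepted, use_file))
```

Without the public-file check the substituted exchange completes silently and each endpoint holds a key shared with the wire party rather than with its peer; with the check the exchange is refused.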