Author: MⒶrtin HⒶboⓋštiak 2015-02-10 17:16:34
Published on: 2015-02-10T17:16:34+00:00
The conversation between Martin Habovštiak and Eric Voskuil revolves around the use of commit protocols for secure transactions in the physical world. The main challenge is to prevent interception of public keys, as a MITM can substitute the key, leading to privacy loss. To overcome this, they suggest using a shared secret such as a short authentication phrase. However, the problem remains that parties still need a secure/out-of-band channel for communicating this value. One solution could be to use RedPhone's commit protocol, which offers secure and convenient encryption and authentication, but it requires manual verification. Manual verification is cumbersome, with long addresses taking time to verify, and address prefixes susceptible to brute-forcing or vandalism. Commit protocol can be used for both the encryption and the authentication while user experience is not bad and everything is still secure.
Updated on: 2023-06-09T16:33:49.761105+00:00