Let's assume an insecure channel.
Is it safe to exchange Alice & Bob public keys first then apply them to sign communications during the DH process? (then encrypt+sign all future communications)?
Should the process be rather: a DH process applied first, then the public key exchange with unsigned messages, then encrypt+sign all future communications? (where obviously at the next DH, there will be not need to exchange again the public keys.)
Aucun commentaire:
Enregistrer un commentaire