New Topics in Diffie Hellman Authentication

New Topics in Diffie Hellman AuthenticationAs we approach the research paper, we can find new topics in Diffie Hellman authentication. We can begin with the e-mail. Due to the passing of time, many companies have become less trusting of e-mail attachments, so that the natural question is, when is it OK to send a Diffie Hellman key over an e-mail? The answer will give you the idea about when and why.Sometimes data can be made public by accident, it becomes the case with our e-mails. We are talking about information that you sent from your address. For example, a survey company would like to send you surveys through e-mail.There are lots of people that maintain e-mail addresses, since they want to send to others as soon as possible. However, that does not necessarily mean that those e-mail addresses should be sold to third parties for easy access. The reason behind this is that you would not want to send e-mails to friends, when the e-mail has already been published. It is also no good when you forward that e-mail to your company and they ask for Diffie Hellman keys.The system used by the Diffie Hellman key exchange is known as Public Key Infrastructure (PKI). The way the Diffie Hellman keys are produced is really simple, since they are a one-way function.Before a Diffie Hellman key exchange takes place, a Diffie Hellman signature will be obtained from the key, and that the signature will be verified before the exchange takes place. This process of verification is very simple. It basically checks the signature against the Diffie Hellman parameters used by the other party. If there is a mismatch, then the exchange is denied.This simple process of public key authentication is really easy to comprehend. The process actually goes on for many steps.The next question is, when will it be OK to divulge some information that may be posted online. Actually, the answer will be the same. That information would have to be listed in a PII database and will belong to an organiz ation, that is willing to accept the risk. If there is a privacy policy attached to the database, the party who requested the information is required to verify that.Remember, the only time when divulging certain information that has been previously proven is acceptable is when the information is proven by a third party. Otherwise, if the other party is aware of the information, then divulging that information is absolutely unacceptable.