[thr0w__4w4y]

Sigh. Yep, I also ran into trouble on my first jump in a few pages from the start:

> "asymmetric encryption uses a public-key cryptosystem (like RSA or ECC) and a key-pair: private key (encryption key) and corresponding public key (decryption key)"

Ummm.... when using RSA to encrypt something (e.g., a DEK) you use the other party's public key, and of course the other party uses its private key to decrypt.

How do you get stuff like this so wrong??? Sheesh, even flipping a coin gives you a 50-50 chance.

[mclehman]

Sections like this too:

>DHKE was one of the first public-key protocols, which allows two parties to exchange data securely, so that is someone sniffs the communication between the parties, the information exchanged can be revealed.

I don't think that information being revealed through passive observation is a selling point of DHKE.

[celticninja]

The point they are trying to make is that you can sniff the exchanged information during key setup, but knowing this does nothing for the attacker. That information is not required to be secret. So " the information exchanged can be revealed." means 'it can be revealed without concern for security of the key generated by the process'. The author doesnt mean that the eventual messages will be revealed.