Question

What is SaS?

Answer

The Diffie–Hellman key exchange by itself does not provide protection against a man-in-the-middle attack. To ensure that the attacker is indeed not present in the first session (when no shared secrets exist), the Short Authentication String (SAS) method is used: the communicating parties verbally cross-check a shared value displayed at both endpoints. If the values do not match, a man-in-the-middle attack is indicated.

Basically, it is very simple - you check the SaS once and from now on you can talk securely with your partner.

Related Articles

Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.

Was this answer helpful?

Please rate & help us to improve our FAQ.