Who would have known that Diffie-Hellman has a man-in-the-middle weakness? Not I! I’ve been spending a lot of time these last two weeks working on creating an ‘secure’ data transfer system for Macromedia Flash MX. We’re planning on doing Diffie-Hellman for key agreement and RC4 for the stream cipher (sounds a bit like SSL, eh?), but it should be very interesting since we have a totally insecure client (so we can’t use Station-to-Station to prevent that man-in-the-middle), with a 32-bit integer maximum. Other than work for the VA, nothing else interesting has been going on, outside the usual school stuff.