LISTSERV - HP3000-L Archives

HP3000-L Archives

June 1998, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L June 1998, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Encryption (Was: New version of QCTerm...)
From:	Gavin Scott <[log in to unmask]>
Reply To:	Gavin Scott <[log in to unmask]>
Date:	Fri, 12 Jun 1998 16:41:42 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (25 lines)

Sorry if this is a dup. My mail client choked on some spam while I was
trying to send it the first time.

Wirt again:
> With equal respect, let me disagree. All that you have to do to really make
> something "obfuscated" is intermix a great deal of randomness into an
> encrypted signal, paying special attention to make the random symbols carry
> the same informational entropy as the encoded data.

Ok, but are you willing to decrease the S/N ratio of your communications
link by an order of magnitude (or whatever) in order to do this?  Will the
customer be willing to pay for 10x the network bandwidth between the
client and 3000?

You still need to have some shared secret to initialize your pseudo-
random number generator with so that both ends agree on where the signal
is amongst all the noise.  Without something like this the signal will be
in the same place every time you start a new connection, and it becomes
relatively easy to figure out with a known plaintext attack.  Especially
at the start of a connection when the least information is available for
generating randomness but the most sensitive information (logon passwords)
are being exchanged.

G.

ATOM RSS1 RSS2

RAVEN.UTC.EDU