1992-10-22 - Re: Keystone

Header Data

From: gnu@cygnus.com
To: Eric Hughes <hughes@soda.berkeley.edu>
Message Hash: fb6cd513252375d40032e5c92dc6f0e2a944525554d20788331d097d9233143d
Message ID: <9210220637.AA20200@cygnus.com>
Reply To: <9210220541.AA13526@soda.berkeley.edu>
UTC Datetime: 1992-10-22 06:35:44 UTC
Raw Date: Wed, 21 Oct 92 23:35:44 PDT

Raw message

From: gnu@cygnus.com
Date: Wed, 21 Oct 92 23:35:44 PDT
To: Eric Hughes <hughes@soda.berkeley.edu>
Subject: Re: Keystone
In-Reply-To: <9210220541.AA13526@soda.berkeley.edu>
Message-ID: <9210220637.AA20200@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain


We have a small project cooking, to use Diffie-Hellman key exchange
to choose a random key to encrypt Internet connections (telnet,
rlogin, ftp, smtp).  This same protocol can also be used over an
ordinary modem connection between a user's PC and a BBS, preventing
eavesdropping or wiretapping of that phone call.  It would also be
able to protect phone calls between a PC and a Unix timesharing system,
regardless of what networks lie in between, if we wrote a simple login
program that handled the modem protocol.  (It doesn't protect against
active re-routing of the call, e.g. by substituting another machine
for the BBS, but we could work on that as Phase II.)

(I suggest that the initial Diffie-Hellman handshake all be done in
ASCII encoding, no matter what the medium, so that the same protocol
can be used on all media, binary-transparent or not.)

This scheme would require support in the BBS and in the user's PC
terminal program.  Given a working Unix implementation, it would be
relatively easy to add to the terminal program, if source code for any
decent terminal programs was available.  This is where Unix shows a
real advantage, since you can get free source for just about program,
while "free" PC programs means free binaries.  If anyone knows of a
reasonably popular PC terminal emulator for which source code is
freely available and distributable, let us know.

(Or, if anyone knows the author of a popular commercial PC terminal
emulator program, tell the author that they could consider licensing
Diffie-Hellman from RSA for commercial use and adding it to their
proprietary terminal program.  They're unlikely to do so, since it
costs money, unless some very popular BBS's can also be upgraded to do
it -- standard commercial chicken/egg problem which free source code
solves.)

On the BBS side, I've heard the idea of freeing the Fido source code
as copylefted code.  That would make it easy to add things like login
session encryption for the modem users.

	John Gilmore





Thread