From: Martin Janzen <janzen@idacom.hp.com>
Date: Fri, 20 May 94 12:24:37 PDT
To: cypherpunks@toad.com
Subject: Re: Secure RPC?
In-Reply-To: <9405201854.AA15841@deathstar.iaks.ira.uka.de>
Message-ID: <9405201924.AA12030@loki.idacom.hp.com>
MIME-Version: 1.0
Content-Type: text/plain


Hadmut Danisch writes:
>
>where can I get specs and informations about 
>secure RPC?

You can get the source code and associated documentation from
ftp://bcm.tmc.edu/nfs.  You'll need the files rpc_40*.shar and
secure_rpc*.shar.  Note that this doesn't come with the actual DES
encryption routines; you'll have to find or write your own.

But:

smb@research.att.com writes:
>
>	 I remember a referance to Sun's secure RPC where the puplic key
>	 was "insecure" because the it did not use a large "key" (to few bits?)
>
>	 does anyone one have info on this?
>
>	 		-Pete
>
>Yup.  The modulus is too small, and the key exchange was cryptanalyze
>by LaMacchia and Odlyzko.  See
>
>@article{nfscrack,
>   author = {Brian A. LaMacchia and Andrew M. Odlyzko},
>   journal = {Designs, Codes, and Cryptography},
>   pages = {46--62},
>   title = {Computation of Discrete Logarithms in Prime Fields},
>   volume = {1},
>   year = {1991},
>}


-- 
Martin Janzen           janzen@idacom.hp.com
Pegasus Systems Group   c/o Hewlett-Packard, IDACOM Telecom Operation