1994-05-24 - SRA telnet and ftp (FYI)

Header Data

From: Richard Johnson <Richard.Johnson@Colorado.EDU>
To: cypherpunks@toad.com
Message Hash: f6797cc99219f453b84dbd3487b1b13df55b869e6c8794ab9cd6e9bfd6f799f3
Message ID: <199405241904.NAA24143@spot.Colorado.EDU>
Reply To: N/A
UTC Datetime: 1994-05-24 19:04:47 UTC
Raw Date: Tue, 24 May 94 12:04:47 PDT

Raw message

From: Richard Johnson <Richard.Johnson@Colorado.EDU>
Date: Tue, 24 May 94 12:04:47 PDT
To: cypherpunks@toad.com
Subject: SRA telnet and ftp (FYI)
Message-ID: <199405241904.NAA24143@spot.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



A note about a package that uses D-H to generate a key for telnet and ftp
authentication.  Has anyone here played with it?


Richard

------- Forwarded Message

Subject:  SRA telnet and ftp 
Date: Tue, 24 May 1994 08:57:40 -0400
To: Firewalls@GreatCircle.COM
From:  bukys@cs.rochester.edu

After hearing about David Safford's SRA telnet/ftp package from numerous
sources, I finally went and got a copy (from ftp://net.tamu.edu/pub/security/TA
MU).

It's nice work.  I would like to clarify one point, though:  This package
uses the Diffie-Hellman code from the Secure RPC implementation, to securely
compute a session key which the SRA code uses to encrypt an authentication
transaction.  The code does NOT use the session key to encrypt the whole
session.  It would probably be relatively easy to add, but it's not in there
in the current code.

This is from my perusal of the code, and correspondence with the author.

FYI

------- End of Forwarded Message






Thread