1995-01-31 - Re: ESP Unix encrypted session protocol software

Header Data

From: norm@netcom.com (Norman Hardy)
To: Matt Blaze <tedwards@src.umd.edu>
Message Hash: d483836ea308911fd1a6d5964841e22ff4e29eceb88fb5adeb5f8d16fa0bcc2d
Message ID: <ab536a4f010210046459@DialupEudora>
Reply To: N/A
UTC Datetime: 1995-01-31 04:47:36 UTC
Raw Date: Mon, 30 Jan 95 20:47:36 PST

Raw message

From: norm@netcom.com (Norman Hardy)
Date: Mon, 30 Jan 95 20:47:36 PST
To: Matt Blaze <tedwards@src.umd.edu>
Subject: Re: ESP Unix encrypted session protocol software
Message-ID: <ab536a4f010210046459@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 10:02 AM 1/30/95, Matt Blaze wrote:
....>As for the alternatives, I think the picture is pretty bleak, to tell
>the truth.  The cryptographically sound way to prevent spoofing is
>with authentication of the agreed key.  But for the remote host to
>authenticate itself, it has to have a secret signature key.  Where to
>store it?  A typical machine, especially a multi-user, unattended server
>simply has no safe place to store keys.
....
There would be on a secure "multi-user, unattended server". They are not
easy to come by and they arn't really Unix. I don't get on my soap box very
often but I couldn't resist your execelent opportunity. I think that
security requires good crypto and good OS security. There are Orange book
rated systems that are rated to run hostile software in the same machine
with Top Secret information.







Thread