1995-02-01 - Re: ESP Unix encrypted session protocol software

Header Data

From: eric@remailer.net (Eric Hughes)
To: cypherpunks@toad.com
Message Hash: d3b6c2def416501b6c04a59d1900f189c1a8b62d79ae9afbddce742aa0fa7e74
Message ID: <199502010527.VAA04897@largo.remailer.net>
Reply To: <9501301802.AA08512@merckx.info.att.com>
UTC Datetime: 1995-02-01 05:29:07 UTC
Raw Date: Tue, 31 Jan 95 21:29:07 PST

Raw message

From: eric@remailer.net (Eric Hughes)
Date: Tue, 31 Jan 95 21:29:07 PST
To: cypherpunks@toad.com
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <9501301802.AA08512@merckx.info.att.com>
Message-ID: <199502010527.VAA04897@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Matt Blaze <mab@research.att.com>

   [this = storing secrets]
   At the extreme, fixing this is a Hard Problem.  In practice for establishing
   a reasonably secure session, it all depends on how much you worry about a
   full-blown (two way) spoofing attack against IP.

I know Matt realizes, but let me repeat for the rest of the list.

Just because plain old Diffie Hellman is subject to active attack
doesn't mean it's useless.  Some protection is better than no
protection at all.  It's still worthwhile implementing some security
to make an opponent's task harder than to implement no security.

And just because some people find this level of security inadequate
does not mean that everyone else does.

Eric




