From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 19 Feb 1996 02:07:50 +0800
To: cypherpunks@toad.com
Subject: Re: Some thoughts on the Chinese Net
Message-ID: <199602181745.JAA08925@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:38 PM 2/14/96 -0500, Perry wrote:
>Jon Lasser writes:
>> The more complex portion (from my perspective, at any rate) is a 
>> modification of the standard TCP/IP protocol, requiring that each packet 
>> be signed by its originating user. This would require lots of software 
>> modification on the Chinese end, as well as a conversion process at the 
>> National firewall.
>
>They could use no stock software, and they would grind every machine
>in the country to its knees doing the signatures. RSA signatures
>aren't cheap.

Could you use IPv6 / IPSP authentication to do the job?  You'd obviously
need to create network software for the various operating systems,
but for most of them it's not a big change and various well-known people
are working on implementations :-)  You could get by with something
cheap like an RSA-signed key used for a MAC with either RC4 or MD5,
reducing the problem to one RSA signature per connection plus faster algorithms.
For email, that's probably still one signature per mail message, but it's
a manageable load...

#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com / billstewart@attmail.com +1-415-442-2215
# http://www.idiom.com/~wcs     Pager +1-408-787-1281

! Frank Zappa for President !