From: cme@cybercash.com (Carl Ellison)
Date: Fri, 16 Feb 1996 06:33:57 +0800
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Some thoughts on the Chinese Net
Message-ID: <v02140b0bad491b46cf8f@[204.254.34.231]>
MIME-Version: 1.0
Content-Type: text/plain


>The more complex portion (from my perspective, at any rate) is a
>modification of the standard TCP/IP protocol, requiring that each packet
>be signed by its originating user.

That's the killer.  Signatures take a huge amount of CPU time.  Signing
each packet is not going to be cost effective.

However, they could have an authenticated key exchange and then symmetric-
encrypt each TCP/IP connection.  That can perform -- and has the nice
side effect [from the Chinese POV] of depriving the NSA of Chinese civilian
net intelligence.  As long as the key exchange is signed, everything
travelling using that key is authenticated implicitly.

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |
+--------------------------------------------------------------------------+