Date: Sun, 26 Feb 1995 21:47:20 -0800 From: Paul Traina <pst@Shockwave.COM> To: "Jordan K. Hubbard" <jkh@freefall.cdrom.com> Cc: hackers@freefall.cdrom.com, security@freefall.cdrom.com Subject: Re: key exchange for rlogin/telnet services? Message-ID: <199502270547.VAA02143@precipice.Shockwave.COM> In-Reply-To: Your message of "Sun, 26 Feb 1995 11:13:06 PST." <199502261913.LAA29658@freefall.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Yes, it's well known, (take this with 3 grains of salt, I am not an expert in D-H) but the base technology requires use of RSA which is patented and said patents are enforced stringently. That's why we use S/Key. From: "Jordan K. Hubbard" <jkh@freefall.cdrom.com> Subject: key exchange for rlogin/telnet services? You know the problem. You're sitting down at USENIX or your friend Bob's in Minnesota or some other gawdforsaken place and you have no way of knowing whether or not that password you just typed to log in to freefall was just sniffed by the entire undergraduate class of the local university (or their bored ISP). You can't set up a kerberos realm with everyone, so what you'd really just like to do is ensure that the endpoints are reasonably secure and encrypt everything going in between. A friend recerntly suggested a method for which my knowledge of the spelling may be incomplete, but I'll try: "Diffie-Hellman key exchange." Apparently you start out with a key pair on each end and then each raise eacy to the power of the other's public half and used the information derived to secure the link. Do any of you security weenies out there know what I'm talking about? Am I making any sense? Should I be locked up by the NSA for even suggesting this? Jordan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199502270547.VAA02143>