*BSD News Article 2606


Return to BSD News archive

Newsgroups: comp.unix.bsd
Path: sserve!manuel!munnari.oz.au!uunet!gumby!destroyer!news.iastate.edu!niko
From: niko@iastate.edu (Nikolaus E Schuessler)
Subject: Re: 386bsd security enhancements are needed before using INTERNET!
Message-ID: <1992Jul27.214249.1065@news.iastate.edu>
Sender: news@news.iastate.edu (USENET News System)
Organization: Iowa State University, Ames, IA
References: <1992Jul27.173631.4223@gateway.novell.com> <1992Jul27.183548.20598@news.iastate.edu> <1992Jul27.191435.14721@gateway.novell.com>
Date: Mon, 27 Jul 1992 21:42:49 GMT
Lines: 27


>
>It isn't that the algorithms are crackable -- it's that they take what the
>NSA considers an unreasonable amount of time to crack, and, as such,
>distribution of a working crypt library represents a perceived threat to
>the national interest (USA).  This is, in point of fact, a real problem,
>in that you can encrypt sensitive data in the US and send it out on a public
>channel.  By the time it has been decrypted, the damage has already been
>done, as the distribution of the data is no longer taking place and can not
>be thwarted.
>

So the inherent problem you are worried about is that everyone is using
the same crypt library, right? Because it is far easier to use the one
given as is than to create a new one? Who generated it? Does anyone
know? There must be a way to generate a different one, right?

I think I may not be understanding something fully.




-- 
Niko Schuessler               
Project Vincent Systems Manager              email: niko@iastate.edu
Iowa State University Computation Center     voice: (515) 294-1672
Ames IA 50010                                snail: 272 Durham