*BSD News Article 78829


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!solace!eru.mt.luth.se!www.nntp.primenet.com!nntp.primenet.com!cs.utexas.edu!news.sprintlink.net!news-peer.sprintlink.net!HiWAAY.net!usenet
From: jim@bokler.com (James Moore)
Newsgroups: comp.unix.bsd.freebsd.misc,sci.crypt
Subject: Re: FreeBSD SRA & IDEA Telnet patch
Date: Sun, 22 Sep 1996 08:34:59 GMT
Organization: HiWAAY Information Services
Lines: 29
Message-ID: <3244f939.9285274@news.hiwaay.net>
References: <nzUwgOa@quack.kfu.com>
NNTP-Posting-Host: max14-147.hiwaay.net
X-Newsreader: Forte Agent .99e/32.227
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:27699 sci.crypt:49855

Uh, what's SRA? Are there any sources which describe how it works?

Thanks,
James Moore

On Thu, 19 Sep 1996 23:52:23 UTC, nsayer@quack.kfu.com (Nick Sayer)
wrote:
<<<stuff deleted>>>
>To recap, SRA is an authentication method invented by Dave Safford
>when he was at Texas A&M. It is based loosely on Secure RPC
>and does not require any key management. It is the world's easiest
>authentication/encryption scheme since using it is no different than
>using ordinary telnet, yet provides strong enough encryption that
>sniffers would be hard pressed indeed to get you (it is, however,
>vulnerable to monkey-in-the-middle. Being the monkey between two
>arbitrary Internet sites is far, far more complicated and unlikely than
>someone just sniffing, though).
>
>SRA is only an authentication mechanism, but as a side effect, it can
>generate a common DES or IDEA encryption key to be used by the
>appropriate encryption modules. After all, what's the point of performing
>encrypted authentication if someone can watch you use 'su'?
>
>-- 
>Nick Sayer <nsayer@quack.kfu.com>  | "[The Democrats] turned the
>N6QQQ @ N0ARY.#NORCAL.CA.USA.NOAM  | safety net into a hammock."
>+1 408 249 9630, log in as 'guest' | 
>URL: http://www.kfu.com/~nsayer/   |       -- Phil Graham