home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.unix.bsd
- Path: sparky!uunet!darwin.sura.net!mips!newsun!gateway.novell.com!terry
- From: terry@npd.Novell.COM (Terry Lambert)
- Subject: Re: 386bsd security enhancements are needed before using INTERNET!
- Message-ID: <1992Jul27.191435.14721@gateway.novell.com>
- Sender: news@gateway.novell.com (NetNews)
- Nntp-Posting-Host: thisbe.eng.sandy.novell.com
- Organization: Novell NPD -- Sandy, UT
- References: <l74ebkINN1sd@neuro.usc.edu> <1992Jul27.173631.4223@gateway.novell.com> <1992Jul27.183548.20598@news.iastate.edu>
- Date: Mon, 27 Jul 1992 19:14:35 GMT
- Lines: 27
-
- In article <1992Jul27.183548.20598@news.iastate.edu> niko@iastate.edu (Nikolaus E Schuessler) writes:
- >
- >>>fact of the matter is that the precompiled password authentication codes
- >>>present absolutely no risk to national security.
- >>
- >> The problem is the ability to distribute source. One of the base
- >>intentions of 386BSD, from what I have seen, is to make everything freely
- >
- >Aren't there keys that can be changed on a system by system basis? For
- >some algorithms it could take a fast computer a long time to crack the
- >codes even if it knew the algorithm...
-
- It isn't that the algorithms are crackable -- it's that they take what the
- NSA considers an unreasonable amount of time to crack, and, as such,
- distribution of a working crypt library represents a perceived threat to
- the national interest (USA). This is, in point of fact, a real problem,
- in that you can encrypt sensitive data in the US and send it out on a public
- channel. By the time it has been decrypted, the damage has already been
- done, as the distribution of the data is no longer taking place and can not
- be thwarted.
-
- Terry Lambert
- terry_lambert@gateway.novell.com
- terry@icarus.weber.edu
- ---
- Disclaimer: Any opinions in this posting are my own and not those of
- my present or previous employers.
-
