> -----Original Message-----
> From: Dave Wreski [mailto:[EMAIL PROTECTED]]
[...]
> > Last thing I want is for people to know how I
> > encrypt/authenticate something.
> 
> Whoa, I'll try to keep my sense of tact here, and direct you to what
> happens when Microsoft keeps their crypto secret:
> 
> http://www.counterpane.com/pptp.html
> http://www.counterpane.com/pptpv2-paper.html
> 
> This is a document written by Bruce Schneier, often regarded as the
> foremost cryptographer in the industry,

I'm not saying Bruce isn't a s00per genius, but I think "foremost in the
industry" is a big rap. I'll agree that he wrote the book that's widely
regarded as the best, though.

As an aside, I'd say that Bleichenbacher has to be Crypto Dude of the Month.
Not only did he score a big result against DSS, but his old "oracle" attack
on PKCS1.5 (which I always thought was just amusing theory!) was key to the
recent SSH1 attack.

> and how he managed to crack both versions of PPTP.

That's not true, sorry. We covered this about two days ago. PPTPv2 isn't
"broken". It's sub-optimal.

[snip]
> AES, on the other hand, developed by the best cryptographers in the
> world, was developed in an open form.

AES was developed by a couple of great cryptographers. What basis do you
have for saying they're the best in the world though? You already said that
Schneier was, by the way, and _his_ entry got passed over. The key to the
AES process was that a whole bunch of REALLY smart crypto guys all sat
around and had a great time working over the most minute flaws in everyone
else's proposal.

The other thing to say about it, though, is that they deliberately chose the
algorithm that was almost the most secure, almost the fastest and almost the
most elegant. That bears thinking about.

> Pretty much off-topic, but I really thought it was important to present
> the other side...

If you're the Devil's advocate, I'm the Prosecution (although maybe from a
different case ;)

> 
> Regards,
> Dave
> 
> --
> Dave Wreski
> Corporate Manager                           Guardian Digital, Inc.
> (201) 934-9230                Pioneering.  Open Source.  Security.
> [EMAIL PROTECTED]            http://www.guardiandigital.com

(Dammit - crypto pedanticism. My one weakness. Well, that and caffeine. And
counting.)

Cheers,

--
Ben Nagy
Network Security Specialist
Marconi Services Australia Pty Ltd
Mb: +61 414 411 520  PGP Key ID: 0x1A86E304