[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Perfect forward SECURITY (bypass channel?)

To: ashar@osmosys.incog.com (Ashar Aziz)
Subject: Re: Perfect forward SECURITY (bypass channel?)
From: " " <amir@watson.ibm.com>
Date: Wed, 11 Jan 1995 10:11:38 -0500
Cc: hugo@watson.ibm.com, ipsec@ans.net
In-Reply-To: Your message of "Tue, 10 Jan 1995 19:30:53 PST." <9501110330.AA00675@miraj.>


Ashar,

> ... I don't have any
> difficulty imagining the very real possibility that wily hackers
> will use the strategy of bypassing the system's security apparatus
> in order to break in. In attempting to do this, they will almost
> certainly try (sometimes with success) to subvert a channel that is
> invitingly named a "bypass" channel, something that you have just
> re-introduced using the signature approach.

Could you explain this attack? Do you claim that both
Photuris and Jim's proposal (and our PK protocol in MKMP)
have such a weakness?

Thanks, Amir

References:

Re: Perfect forward SECURITY (uni- vs bi-directional impersonation)'

From: ashar@osmosys.incog.com (Ashar Aziz)

Prev by Date: Re: Perfect forward SECURITY (uni- vs bi-directional impersonation)'
Next by Date: Re: MD5 performance limitations document
Prev by thread: Re: Perfect forward SECURITY (uni- vs bi-directional impersonation)'
Next by thread: Re: Perfect forward SECURITY (uni- vs bi-directional impersonation)'
Index(es):
- Main
- Thread