[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A Photuris variant

To: IPSEC@ans.net
Subject: Re: A Photuris variant
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Fri, 3 Mar 95 12:48:50 GMT

I find it amusing that the same folks who beat on Photuris for possible
compromise of a mere signature (with a time frame of only minutes)
propose weakening the key structure to allow compromise of the traffic
(with a time frame of forever)!

Perfect Forward Secrecy of the traffic is _the_ important security
requirement.

And then, there is "anonymity".  Not as the rest of us use the term,
which means protection from identification by third parties, but
instead, protection from identification by EACH OTHER.

This is _not_ a requirement.

And the variant won't allow precomputation, so it is slower to setup.  A
fine new feature....

Why would anyone want to go to the trouble of sending protected data,
using techniques that don't protect the data very well, to a party they
can't positively identify?

Sounds like Communist Plot to me....

Bill.Simpson@um.cc.umich.edu

Prev by Date: A Photuris variant
Next by Date: A Photuris variant
Prev by thread: A Photuris variant
Next by thread: A Photuris variant
Index(es):
- Main
- Thread