Re: Cryptanalysis of SecurID (ACE/Server)

Perry E. Metzger (perry@piermont.com)
Thu, 01 Oct 1998 10:12:24 -0400

• Next message: Eric Young: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)"
• Previous message: Mok-Kong Shen: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source co de)"
• In reply to: Brown, R Ken: "RE: propose: `cypherpunks license' (Re: Wanted: Twofish source co de)"
• Next in thread: John Moore: "RE: Cryptanalysis of SecurID (ACE/Server)"
• Reply: John Moore: "RE: Cryptanalysis of SecurID (ACE/Server)"

"John Moore" writes:
> Okay,
> How hard is it to hijack a TCP session these days? Say that it is between
> whatever client and a firewall?

It depends on the OSes being run on each. The difficulty ranges from
trivial to moderately difficult. In no instance is it impossible if
you are not using something like IPSec.

> BTW... the objections to SecureID presumably do not apply to dial-in
> sessions onto a "secure" (I recognize the non-absoluteness of this) network.

You honestly think that dial-in can't be interfered with?

Perry

• Next message: Eric Young: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)"
• Previous message: Mok-Kong Shen: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source co de)"
• In reply to: Brown, R Ken: "RE: propose: `cypherpunks license' (Re: Wanted: Twofish source co de)"
• Next in thread: John Moore: "RE: Cryptanalysis of SecurID (ACE/Server)"
• Reply: John Moore: "RE: Cryptanalysis of SecurID (ACE/Server)"