Re: Java applet security, exportability, Jon Postel haiku


Anonymous (nobody@replay.com)
Tue, 27 Oct 1998 02:41:31 +0100


> 1a) Am I correct that this is proof against the man in the middle?

Not as long as your MITM can force a sabotaged applet on your client
(contains altered g^x, uses bad RNG code, sends a copy in the clear for
attacker's convenience, etc).

...
> 2) Is 160 bits sufficient for y?

No -- although I don't know much about the difficulty of the DLP with
various parameters, I do know the KEA spec uses 160 bits to (allegedly)
force 2^80 operations upon attackers, not enough to keep your kid sister
out.

> 3) Is K = SHA1(k) a suitable way to generate the session key?

If SHA-1 is a good hash, probably so.

> 4) What symmetric cypher would you recommend I use?

Arc4 has legal issues, among other things, and IDEA is patented, leaving
3DES as the only one remaining of your choices. (Or, if you're looking for
a moderately old cipher, there's always... :)



The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:22