Thought on data encryption on networks


Ra (root%bostonu.csnet@CSNET-RELAY.ARPA)
Fri, 4 Apr 86 11:50:16 EST


Most of us run networks that do not have any encryption facilities
(perhaps in theory, but not something a sys mgr can just turn on.)

The problem is that the minute someone says 'hey, we need some
encryption on this net' out come the macho data encryption types
to explain to you that the only encryptions worth doing are too
expensive (or complicated) to run, and then slink away again
leaving you defenseless. Worse, you usually end up sitting thru
a long scolding about how even if you implemented the best it
is probably about to be broken or illegal or something.

Oh, where is Arthur to slice this gordian knot? Meanwhile, Joe Cracker
plugs his PC into your net, goes into promiscuous mode and has the
most fun he can with his pants on.

How outlandish would it be to come up with (I am probably not
qualified to do this, although those that are probably won't)
some sort of reasonably hard to crack stream oriented protocol?
There has to be something in between clear text and you-need-
a-cray-ethernet-board-but-it-cant-be-cracked.

Suggestions? If your inclination is to say 'yer iggorant, this
is solved' then how come none of the major O/S's have put it
into their device drivers or wherever?

        -Barry Shein, Boston University



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:36:05 GMT