[529] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Just wondering about timing and IPng.

daemon@ATHENA.MIT.EDU (owner-linux-security@tarsier.cv.nr)
Tue Dec 19 08:37:07 1995

From: owner-linux-security@tarsier.cv.nrao.edu
To: linux-security@tarsier.cv.nrao.edu
Date: Fri, 15 Dec 1995 18:17:33 -0800 (PST)

[mod: `timing attack' refers to a method of guessing the secret
	exponent in various crypto algorithms by watching
	the time required to perform one operation. --okir]
	
Just wondering if there is any Linux specific news on the timing
attack, http://www.cryptography.com, or IPng as described in the
following USENET post.

 From: rja@inet.org
 Newsgroups: comp.protocols.tcp-ip
 Subject: URL for freely distributable IPv6 source code
 
 	Aside from the IPng Home Page, which was just posted to this
 newsgroup, there are some other sources of information.  A few of
 these are mentioned in this posting.
 
 	There are various Internet Drafts (which are working documents
 of the IETF and hence are subject to change without notice) online at
 various archive sites around the world, perhaps most notably at:
 	ftp://ds.internic.net/pub/internet-drafts
 
 	The security portion of IPv6 was published already -- as
 RFC-1825 through RFC-1829 (NB: This technology applies to both IPv4
 and IPv6).
 	ftp://ds.internic.net/pub/rfc
 
 	The NRL IPv6/IP-security source code "alpha-quality" release
 for 4.4-Lite BSD of 30 September 1995, which should drop
 easily into NetBSD, BSDI, and other 4.4-Lite derived OSs, has
 mysteriously appeared online at:
 	ftp://ftp.c2.org
 
 The NRL software is probably subject to US Export Controls because it
 includes implementation of DES-CBC encryption of IP datagrams.  An
 exportable version of the NRL software does exist, but it isn't clear
 whether it is online anywhere as of today.  A couple of folks at NRL
 continue to work on IPv6/IPsec, though it is not at all clear how long
 that will be true.  A revised version of the NRL distribution will
 hopefully appear online around the end of this year. MIT will
 eventually be making the NRL sources available online, but has not yet
 had time to put them out.
 
 Ran
 rja@inet.org

-- 
Gary Johnson                   "The numbers themselves may be our best tools."
gjohnson@season.com            <a href="http://www.digicash.com">Fed flip?</a>
home help back first fref pref prev next nref lref last post