[459] in cryptography@c2.net mail archive
Re: How bad is this?
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Wed Apr 2 09:50:57 1997
To: cryptography@c2.net
In-reply-to: Your message of "Wed, 02 Apr 1997 15:03:27 +0200."
<199704021303.PAA07487@internal-mail.systemics.com>
Reply-To: perry@piermont.com
Date: Wed, 02 Apr 1997 09:47:32 -0500
From: "Perry E. Metzger" <perry@piermont.com>
Gary Howland writes:
> > I don't understand why this is necessary. Given how slow TCP initial
> > handshakes are, and how (relatively) infrequent, I would guess that
> > this wouldn't improve performance in any noticeable way, and would
> > lower security...
>
> Also bear in mind that SHA produces 20 bytes - good enough for 5 sequence
> numbers.
>
> An alternative might be to use a fast cipher, such as blowfish or RC4.
Actually, neither would work well. You really need a hash for this
application, and you have to apply it once per connection. See Steve
Bellovin's RFC on sequence number attacks (is it 1928? I forget) to
learn why.
Perry
