[461] in cryptography@c2.net mail archive
Re: How bad is this?
daemon@ATHENA.MIT.EDU (Mike Duvos)
Wed Apr 2 09:56:39 1997
From: mpd@netcom.com (Mike Duvos)
To: cryptography@c2.net
Date: Tue, 1 Apr 1997 22:42:28 -0800 (PST)
In-Reply-To: <9704020433.AA24559@nyx.net> from "Colin Plumb" at Apr 1, 97 09:33:02 pm
Colin Plumb writes:
> I've been trying to come up with a very fast, and not necessarily
> very secure hash function for TCP initial sequence number selection.
Why? What does a strongly random initial sequence number buy you over the
conventional time-based variety?
[The problem is sequence number attacks. Using hashes instead of
conventional time based sequence numbers defends against this. You don't
want "random" sequence numbers -- you want separate spaces of sequences
for each socket. See RFC1948 by Steve Bellovin for details. --Perry]
--
Mike Duvos $ PGP 2.6 Public Key available $
mpd@netcom.com $ via Finger. $
