[6669] in Kerberos
Compression before encryption
daemon@ATHENA.MIT.EDU (Scott L. Burson)
Fri Feb 16 09:07:20 1996
To: kerberos@MIT.EDU
Date: 15 Feb 1996 20:38:25 -0800
From: gyro@ganesh.zeta-soft.com (Scott L. Burson)
Hello all,
I am planning to install Kerberos 4 at my site, but have not yet done so.
Meanwhile I have a question. Some of my users will be communicating over
modems. I presume (though I don't know for a fact) that Kerberos encryption
will defeat V.42bis compression. It seems like the right thing would be for
Kerberos to compress the data stream before encrypting it, but I have seen no
indication that such a thing has been implemented. (My concern is bandwidth;
the additional cryptographic strength is merely a side benefit.)
Has anyone out there done this, or does anyone plan to? I have looked into
the problem far enough to discover a library called `zlib' which could be used
for the purpose (ftp://ftp.uu.net/pub/archiving/zip/zlib/zlib-0.99.tar.gz),
but haven't even begun to try to figure out how to patch this into Kerberos.
I am not concerned with connecting to other sites' Kerberos servers, so
running a modified protocol is not a problem.
-- Scott
