[442] in Kerberos_V5_Development
Re: Kerberized Telnet (A warning)
daemon@ATHENA.MIT.EDU (Clifford Neuman)
Sat Nov 17 15:57:19 1990
Date: Sat, 17 Nov 90 12:56:57 -0800
From: bcn@cs.washington.edu (Clifford Neuman)
To: krbdev@ATHENA.MIT.EDU
[in response to a message in the krb5 development discuss meeting]
A warning about the encryption mode in telnet. What means are you
using to prevent an attacker from modifying the data stream? If an
attacker knows what is being sent, it can change what is received by
xoring the encrypted data stream with the xor of the known text and
the desired text.
~ Cliff
