[JDEV] stunnell
Bernd Eckenfels
lists at lina.inka.de
Wed Dec 20 15:58:46 CST 2000
On Wed, Dec 20, 2000 at 03:39:40PM -0600, Colin Madere wrote:
> If you just want to prevent joe-user from reading messages on his network,
> that's fine, but encrypting the XML tags gives a real attacker huge clues
> since he will _know_ what large pieces of the encrypted message are and
> where they are in the message.
Known-Plain-Text Attacks are not an issue if you use secure crypto
algortihms. And you can also start the block with some random data. Just
think of PGP, it's the same issue here, since all Mails starts with "Hello,"
:)
> As for the SSL CPU load you will still have the CPU load of decrypting
> things the server has to read. There are hardware SSL solutions, also. Not
> saying SSL is the way to go, just thought I'd drop the info here.
No, the routing info is not encrypted. The Server cannot decrypt it, becusae
it does not have the secret key of the user. Otherwise the encryption does
not make sense.
Greetings
Bernd
--
(OO) -- Bernd_Eckenfels at Wendelinusstrasse39.76646Bruchsal.de --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes at irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
More information about the JDev
mailing list