[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Update on user-level hack to do telnet encryption posted recently
OK folks, I've started tidying up that hack code I posted recently which
outlined a method for rolling your own telnet-style encryption. In particular,
I've done the hard bit of making it work with an arbitrary binary 1:1 stream
cypher, rather than the original hack which *had* to encrypt printable text
as printable text (to get it through 7 bit terminal links).
[Note, anyone who didn't look at it too closely because they thought it was
only for telnet - look again: it's useful for *any* local to remote connection,
even kermit down a serial line, as long as you're calling between unixes.]
Now, what I need are volunteers - preferably outside the US and any other
country where any relevant patents are valid - to work on a suitable stream
cypher. Note you don't have to use any patented technology, as long as
whatever you come up with is sufficiently secure for your needs - this will
eventually be issued as a modular system, with the default encryption module
being rot13. If you don't really care much about the strength of encryption
(assuming your only opponents are kids who sniff packets who won't have
enough crypto experience to decode even an trivial cypher) then there's
a lot to be said for everyone implementing their own variation... just for
the amusement of tying up the time of all those more competant people who
feel they have to know everything that's going on everywhere in the world.
Machine cycles they can afford aplenty; man years are a different question...
Anyway, back to the project:
Currently there's a trivial interface that you can work to - I suggest
for demo purposes just using a hard-coded known key at each end, and we'll
do the key exchange stuff after we've got the stream cypher working.
Here's the header file:
/* Placeholder module for arbitrary stream encryption */
#define STATE_SIZE 128
typedef struct cypherstate {
char *unique_tag;
char whatever[STATE_SIZE];
long int byteno;
/* Add useful stuff here as need be... */
} CYPHER_STATE;
void new_cypher(CYPHER_STATE *s, char *unique_tag);
char stream_cypher(CYPHER_STATE *s, char byte);
Put any state you need in the struct, initialise it (with a known secret
key for now) in new_cypher; and supply a function that does a 1:1 encoding
of a byte in stream_cypher. Make the function stateless apart from the
CYPHER_STATE parameter so that it can be used to encode multiple streams
without interference.
With a bit of help from you guys, this project shouldn't take more than
a week to get a prototype running... When I have a feel for what sort
of encryption methods people want, and how precisely they're implemented,
I'll know better how to generically code the key-exchange part too.
I don't think it's appropriate for me to post any more source over
the net. Anyone who wants to discuss this in public rather than by mail,
I suggest we stick to alt.sources.d
Anyone wants the current sources, send mail to [email protected]
Thanks
G
PS The sources I have probably won't work anywhere except on BSD systems.
If you want to make the framework bit work on other versions of unix,
drop me a line about that too. Your programming will have to be up to the
level of writing a clone of the unix 'script' command, which is all this
program is really.
PPS Americans: please don't get either you or me in trouble by mailing
me unsolicited gifts of crypto code. I don't want it. The crypto part
of this project is for those people in countries where there's no legal
barrier to them participating.