
Re: encrypting pppd?



In message <[email protected]>, Roy M. Silvernail 
writes:
>What threat model does this address?

snooping the link

>It'd be link encryption, where the
>best security is found in end-to-end encryption.

Encrypting at higher levels involves a different effort/cost
tradeoff that doesn't do much better at addressing the threat
mentioned above.  AFAIK, application-level involves modification
of every app we are interested in, and network or transport level
should probably best wait for IPv6.  I think link-layer is best
for what we need.

Come to think of it I've never seen papers on this kind of issue,
probably because I haven't looked.  Anyone got any URLs/bibliorefs
to a paper on the benefits of encryption or authentication at the
different levels of the OSI or other network models?

Thinking about it a bit more, if you only encrypt, say, telnet
then you've got a pretty predictable plaintext stream.  If you
encrypt the entire link level properly then it might be much harder
to isolate the nonvariant bits of the protocols since the port and
that kind of header info is not available to the attacker at that
level.