-----BEGIN PGP SIGNED MESSAGE-----
Crypto synchronization seems to be a problem mainly in real-time applications like digital voice, where you don't have a reliable protocol underneath you.
Phil, there is more to this than meets the eye. What happens if I, as an attacker, start feeding extra characters onto the modem line? Granted, I won't know what you are saying, since the link is encrypted, but if I can get an extra character on there, then the decryption will lose sync, and won't return the proper value... For example...

Sender: more foo
Encrypted data: HaoVwAog
Received data: HaooVwAog
Decrypted: morOmf&sm

Now what? The sender and receiver are out of sync.... I believe this was what Nickey was talking about.. I was discussing this problem with a few people and haven't come up with a good, viable solution... yet.
This is essentially how encrypted Kerberos Telnet works now, although I would like to generalize the service to work with any TCP client.
Uhh, there is a kstream package somewhere (or am I thinking of vapor-ware, it's late and I'm tired). This wouldn't be very hard to create. In fact, I was hoping to do something like this with my Thesis... Although it might get left for "future work". This depends upon having a clearly denoted stream, for which neither telnet nor kermit provides a good interface. (Trust me on this -- it took me a while to try to create one for the little I've hacked them for my Thesis).

- -derek

PGP 2 key available upon request on the key-server:
pgp-public-keys@toxicwaste.mit.edu
- --
Derek Atkins, MIT '93, Electrical Engineering and Computer Science
Secretary, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
warlord@MIT.EDU PP-ASEL N1NWH

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBuAgUBK8qLvTh0K1zBsGrxAQG39QLFFn0/Nz1zVRi6kHp+j+R0KAQQlEL6588d
RfSshGGFhuXIJE/S8BP8kqLrKeSeRgSbil3zBLQZNeconnExaq6VUeO5Yvn9U/0S
cHggKYBTlcz1zqjp7BLxLz8=
=TBaq
-----END PGP SIGNATURE-----
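
The loss of sync described in the message above, as an added example that is not part of the original message: a synchronous keystream cipher never recovers after one injected byte, while an 8-bit cipher-feedback construction recovers once the byte has left its feedback register. The hash-based `prf` is a stand-in for a real block cipher, and every name, the key and the sample plaintext are assumptions constructed for the illustration.

```python
import hashlib

KEY = b"constructed demo key"      # constructed sample key
REG = 8                            # feedback register length in bytes (assumed)

def prf(key, data):
    # Hash-based stand-in for a block cipher's encrypt direction (assumption).
    return hashlib.sha256(key + data).digest()[0]

def sync_xor(key, data):
    """Synchronous stream cipher: keystream depends only on byte position."""
    return bytes(b ^ prf(key, i.to_bytes(8, "big")) for i, b in enumerate(data))

def cfb8(key, data, decrypt=False):
    """8-bit cipher feedback: keystream depends on the last REG ciphertext bytes."""
    reg, out = bytes(REG), bytearray()
    for b in data:
        o = b ^ prf(key, reg)
        out.append(o)
        reg = reg[1:] + bytes([b if decrypt else o])   # feed back ciphertext
    return bytes(out)

def inject(ct, pos, byte=0x6F):
    """One extra byte appears on the line at offset pos."""
    return ct[:pos] + bytes([byte]) + ct[pos:]

def matching_tail(plain, received):
    """Number of trailing bytes of `received` that equal the end of `plain`."""
    n = 0
    while n < min(len(plain), len(received)) and plain[-1 - n] == received[-1 - n]:
        n += 1
    return n

def demo(pos=3):
    msg = b"more foo " * 6          # constructed sample plaintext
    sync_out = sync_xor(KEY, inject(sync_xor(KEY, msg), pos))
    cfb_out = cfb8(KEY, inject(cfb8(KEY, msg), pos), decrypt=True)
    return msg, sync_out, cfb_out

if __name__ == "__main__":
    msg, sync_out, cfb_out = demo()
    print("synchronous:", matching_tail(msg, sync_out), "trailing bytes intact")
    print("CFB-8      :", matching_tail(msg, cfb_out), "trailing bytes intact")
    # CFB-8 recovers once the injected byte leaves the register; it does not
    # detect the injection, so integrity still needs a MAC over each record.
```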