Some thoughts on the Chinese Net
Bill Stewart
stewarts at ix.netcom.com
Sun Feb 18 10:07:50 PST 1996
At 05:38 PM 2/14/96 -0500, Perry wrote:
>Jon Lasser writes:
>> The more complex portion (from my perspective, at any rate) is a
>> modification of the standard TCP/IP protocol, requiring that each packet
>> be signed by its originating user. This would require lots of software
>> modification on the Chinese end, as well as a conversion process at the
>> National firewall.
>
>They could use no stock software, and they would grind every machine
>in the country to its knees doing the signatures. RSA signatures
>aren't cheap.
Could you use IPv6 / IPSP authentication to do the job? You'd obviously
need to create network software for the various operating systems,
but for most of them it's not a big change and various well-known people
are working on implementations :-) You could get by with something
cheap like an RSA-signed key used for a MAC with either RC4 or MD5,
reducing the problem to one RSA signature per connection plus faster algorithms.
For email, that's probably still one signature per mail message, but it's
a manageable load...
#--
# Thanks; Bill
# Bill Stewart, stewarts at ix.netcom.com / billstewart at attmail.com +1-415-442-2215
# http://www.idiom.com/~wcs Pager +1-408-787-1281
! Frank Zappa for President !
More information about the cypherpunks-legacy
mailing list