--- F R E N D Z of martian ---

Warning: vaguely techie

If you're not interested in privacy don't read on.

Oh dear. A d'oh! moment.

There I was, with my secure link to my work computer, using ssh, basically encrypted telnet (http://www.ssh.fi/ I think). I decided to telnet across to marsbard.com. I couldn't use ssh because they had version 1 running there and I have the incompatible version 2 client installed. So I used vanilla telnet.

As I watched the login message come up, the realisation dawned on me that I had facilitated a 'known-plaintext' attack on my crypto key (see http://www.hedgie.com/passwords/pkzip.html for a description of a known-plaintext attack on pkzip files, and a program to do it - you need 13 bytes of data...).

The unencrypted datastream from marsbard could be matched with the encrypted one from Brann to my house. This would make decrypting my datastream much easier - and they wouldn't have to take the time to brute-force it either; statistical analysis of the 'plaintext' (the unencrypted stream) would reveal the patterns in the words, and help to find the right place in the stream to try to match the two parts.

The scary thing is that once that was done, there would be a copy of my private key, and it would be trivial to see all my 'secure' communications, including passwords, of course.

The lesson - secure links should be considered closed-ended. Once you're in secureland, don't leave it. If you need to get somewhere in unsecureland, copy and paste the link into an unencrypted client.

--
Linux. May the source be with you.
W4U - The World Wide Web Workers' Union - http://w4u.dhs.org/
W4U archive at http://www.mail-archive.com/[email protected]/

--
Sent to you via the frendz list at marsbard.com
The archive is at http://www.mail-archive.com/[email protected]/
