> I've been chewing on this idea for a while and am hoping someone on > the list may help me with a concern. > > The notion is that big company B will distribute CDs to employees to > use for remotely accessing things like mail, corporate Intranet, > etc. The disk contains two bootable images. One is "normal" and > is the first to load. The second squashed image is encrypted in a > manner that the first image can decrypt. > > The first image loads, connects to Corp B and authenticates the > user. At that point the key to decrypt the second image is provided > and the computer chroots to the second image. This environment is > considered trusted and access is provided into Corp B.
Because the CD provided to all the users is encrypted with the same key, and that this key is not session based, replay attacks are possible. > > This seems fairly straightforward but then why isn't anyone doing > this already? What haven't I considered? > > It's easy to use the word encryption but is much harder to make it > work. Any recommendations on projects I should look at that may be > suitable for this purpose? > > thanks, > Jeff > > ________________________________ > > Jeff Gercken <mailto:[EMAIL PROTECTED]> > > 502-292-4838 office > > 502-292-5238 fax > > <http://www.kizan.com/> www.kizan.com <http://www.kizan.com/> -- [email protected] mailing list
