Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ABOVE.NET SECURITY TRUTHS?

  • From: Joshua Goodall
  • Date: Sat Apr 29 03:36:12 2000


> Since we are going into a description of cryptography, we might as well
> bring up that since the random number generator used to generate the
> supposedly random RSA key pair _is_ predictable ... [split]

This statement is a litle too broad. I would contest that the design of,
say, FreeBSD's /dev/random permits sufficient entropy collection to
usefully initialise a strong hashing algorithm with a non-predictable
vector. 

> [split] ... the whole idea of perfect security is improbable at best;
> the exercise does make it difficult for people with only a casual
> interest in your operations to directly compromise them.

This statement hits the mark, but I like to be explicit, to scare security
neophytes: if you have ever crossed-over passwords, shared them between
two systems, or made any kind of assumption that means the security of one
password has depended on the security of another then all such linked
accounts passwords are potentially compromised simultaenously.

If you're paranoid enough to accept that, then :

a) maybe your security could be good enough
b) perhaps you should consider using SSH key agents rather than passwords.

- joshua






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.