lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1c2c816104112003151f2e5992@mail.gmail.com>
From: gautam.singh at gmail.com (Gautam R. Singh)
Subject: Time Expiry Alogorithm??

Thanks list for the good discussion, now I going back to read crypto basics :) 

Thanks & regards,
Gautam


> Yo Gautum!
> 
> On Fri, 19 Nov 2004, Gautam R. Singh wrote:
> 
> > I was just wondering is there any encrytpion alogortim which expires wit
> > h time.
> 
> IPSec, kerboros, etc. all use time as part of the auto-generated session
> key to prevent playback attacks.
> 
> If a black hat has an intercepted message he wants to decode then he can
> set his clock to anything he wants to.  Time is no help there, except
> to expand the key search space if they are looking for an unknown key.
> If they have the key already nothing you can do if they can reset their
> clock.
> 
> All that time gets you is protection from replays.
> 
> RGDS
> GARY
 


-- 
Gautam R. Singh
[MCP, CCNA, CSPFA, SA1 Unemployed] pgp:
http://gautam.techwhack.com/key/ | ymsgr: er-333 | msn: ro0_@...mail

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ