[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Time Expiry Alogorithm??

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Time Expiry Alogorithm??
From: "Gautam R. Singh" <gautam.singh@xxxxxxxxx>
Date: Sat, 20 Nov 2004 16:45:07 +0530

Thanks list for the good discussion, now I going back to read crypto basics :) 

Thanks & regards,
Gautam


> Yo Gautum!
> 
> On Fri, 19 Nov 2004, Gautam R. Singh wrote:
> 
> > I was just wondering is there any encrytpion alogortim which expires wit
> > h time.
> 
> IPSec, kerboros, etc. all use time as part of the auto-generated session
> key to prevent playback attacks.
> 
> If a black hat has an intercepted message he wants to decode then he can
> set his clock to anything he wants to.  Time is no help there, except
> to expand the key search space if they are looking for an unknown key.
> If they have the key already nothing you can do if they can reset their
> clock.
> 
> All that time gets you is protection from replays.
> 
> RGDS
> GARY
 


-- 
Gautam R. Singh
[MCP, CCNA, CSPFA, SA1 Unemployed] pgp:
http://gautam.techwhack.com/key/ | ymsgr: er-333 | msn: ro0_@hotmail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Time Expiry Alogorithm??
  - From: Gautam R. Singh
- Re: [Full-Disclosure] Time Expiry Alogorithm??
  - From: Gary E. Miller

Prev by Date: Re: [Full-Disclosure] Sober.I worm is here
Next by Date: Re: [Full-Disclosure] University Researchers Challenge Bush Win In Florida
Previous by thread: Re: [Full-Disclosure] Time Expiry Alogorithm??
Next by thread: [Full-Disclosure] Sober.I worm is here
Index(es):
- Date
- Thread