Subject: Re: why secure rpc is not included in lib/libc/rpc ?
To: Zdenek Salvet <firstname.lastname@example.org>
From: Perry E. Metzger <email@example.com>
Date: 12/07/1994 15:19:32
[I can't comment on why the core group didn't include it, but I do
know a few things about "secure" RPC.]
Well, you need more than just DES -- you need the key management
system. The key management for sun's usual "secure" RPCs is based on
Diffie-Hellman key exchange, which is a patented technology and can't
be given away for free. There is, however, a deeper problem, IMHO.
The key management on sun's usual "secure" RPC is useless. The
Diffie-Hellman it does is too small and uses a fixed modulus, which
makes it easily vulnerable to an attack described by Odlyzko and
LaMachia (spelling may be slightly wrong on the names). Given a fixed
fairly small modulus, having done a bit of precomputation, you can
compute successive discrete logs with virtually no effort (they give
code in Mathematica to do the last step as an indicator of how little
CPU is needed.) I would say that people shouldn't be trying to use the
thing as supplied.
I do know that in Solaris they are supporting Kerberos as a key
management system, and Kerberos is widely available. Maybe duplicating
that work would be worthwhile...
Zdenek Salvet says:
> Why secure rpc is not inluded in NetBSD sources ?
> If I understand src/lib/libc/rpc/README correctly, the only thing needed
> is DES implementation - working libcrypt should do.
> I think most users even outside USA already have/can get unencumbered libcryp
> e.g. FreeSec from ftp.cs.rmit.edu.au)
> Zdenek Salvet