Subject: Re: Kerberos: telnet to Solaris -> Bad encryption type
To: Johan Danielsson <>
From: Steven M. Bellovin <>
List: tech-security
Date: 09/26/2005 12:31:51
In message <>, Johan Danielsson writes:
>Love H=F6rnquist =C5strand <> writes:
>> kenh have a telnet{,d} that does Tripple-DES, but I'm don't know it So=
>> supports that.
>It's not clear that 3des-cfb >> des-cfb (assuming it's still using

Why do you say this?  As far as I know, there are no generic attacks =

against CFB, and the weakness of DES is (and always has been) against =

brute-force key search, which 3DES defends against.

		--Steven M. Bellovin,