Subject: Re: Kerberos: telnet to Solaris -> Bad encryption type
To: Steven M. Bellovin <firstname.lastname@example.org>
From: Johan Danielsson <email@example.com>
Date: 09/27/2005 13:06:05
"Steven M. Bellovin" <firstname.lastname@example.org> writes:
> Why do you say this? As far as I know, there are no generic attacks
> against CFB, and the weakness of DES is (and always has been) against
> brute-force key search, which 3DES defends against.
Maybe I'm wrong. If the weakness of CFB lies only in the crypto used,
then 3DES is a lot better. Also telnet doesn't implement any integrity
by itself, and CFB doesn't help much either.