lloydchimera.acm.jhu.edu

• Next message: James A. Donald: "A proposal for secure videoconferencing and video messaging over the Internet"
• Previous message: greatbiz2000myrealbox.com: "Fantastic Home Based Biz!!!"
• In reply to: malekith: "crypto FTP"
• Next in thread: malekith: "Re: crypto FTP"
• Next in thread: Matthias Fischmann: "Re: crypto FTP"
• Reply: Jack Lloyd: "Re: crypto FTP"
• Reply: malekith: "Re: crypto FTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 25 Jul 2000, malekith wrote:

> i worte secure (encrypted) version of ftp protocol. it has nothing to do
> with ssh, but uses similar mechnisms for key exchange and block
> encryption. i'll be glad to hear whatever rc4 cipher (arcfour)
> is safe (whatever to set it default cipher?).

Given a big enough key (128 bits is fine), then RC4 is secure (as far as
anyone knows at this point, anyway). However, it would be a good idea to
ensure that the same key is not used in both directions, a lot of MS stuff
has been found vulnerable to attacks because they use the same RC4 key
each way. Also RC4 is fast, which is good if you're encrypting the bulk
data transfer. Probably giving people the option of 3DES or Blowfish or
something would be good though.

> also it'll be nice if someone have a look at it ;)

Alas, real work calls. :)

J

• Next message: James A. Donald: "A proposal for secure videoconferencing and video messaging over the Internet"
• Previous message: greatbiz2000myrealbox.com: "Fantastic Home Based Biz!!!"
• In reply to: malekith: "crypto FTP"
• Next in thread: malekith: "Re: crypto FTP"
• Next in thread: Matthias Fischmann: "Re: crypto FTP"
• Reply: Jack Lloyd: "Re: crypto FTP"
• Reply: malekith: "Re: crypto FTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]