"Sampsa" == Sampsa Laine <sampsa at mac.com> writes:
Sampsa> Guys, I've had an idea for improving the usability and
Sampsa> security of the bridge: Encryption.
Sampsa> Now I realise that we're not dealing with a massively
Sampsa> high-security installation here with with HECnet but please
Sampsa> hear me out :)
Sampsa> My proposal is that each end point of a bridge connection
Sampsa> share a secret and use some form of symmetric encryption (say
Sampsa> AES in ECB mode) whilst communicating....
Sampsa> A CRC-32 (of the unencrypted frame) would be used to
Sampsa> determine the validity of the data.
Um, no.
I rather doubt this sort of thing is worth doing, but if you think
it's useful, you should use a design that has the right security
properties.
Doing crypto right is hard -- much harder than you might think. ECB
is never right; neither is CRC for integrity (in a crypto setting).
On the other hand, the right way already exists. Just turn on IPsec.
If you want to invent your own, you should study IPsec to see how it
is constructed, and understand why it is constructed that way.
Studying the prior art is a good idea. It helps to avoid building
stuff that doesn't work. And unfortunately there's plenty of that.
WEP is a classic example of a "security" system designed by people who
didn't know what they were doing, and didn't know that they didn't know.
paul
Show replies by date