Re: Tristrata (was RE: Port funnels?) -reply

[mht () clark net]

I would like to third this one also.  I had initially raised several
issues with some of the engineers that were working on this in July 1997 I
had identified several glaring holes in their design implementation of the
one-time pads, and the encryption algortihms used.  

/cheers
/mark


On Thu, 15 Apr 1999, Marcus J. Ranum wrote:

> Technical Incursion Countermeasures wrote:
> > I'd be quite careful about using TriStrata if I was you.. for referece you
> > might want to read some of the papers Bruce Schneier has written regarding
> > it.. also note that TriStrata is backing away from the crypto side rather
> > rapidly.. to the extent of dumping the old CEO and putting in someone new...
>
> I've gotta second that one. I read a few of the press releases
> and documentation about how their system purportedly works. It's
> beyond dumb. If I recall, they are shipping "one time pads" around
> the 'net, encrypted with a normal encryption algorithm (blowfish,
> I think, ironically). Research before you buy.
>
> There's a lot of snakeoil out there, unfortunately. There was also
> a company producing a "power one-time pad" - also to be avoided.
> (It used the IP address and a repeating password which was sent
> over the 'net in the clear to seed an autokey based on some mixing
> algorithm that isn't even as good as DES)
>
> mjr.
> --
> Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
> work - http://www.nfr.net
> home - http://www.clark.net/pub/mjr

##########################################################
'Turn on, Boot Up, Jack in'
#########################################################