Re: SSH2 Encryption
On Mon, Jun 10, 2002 at 01:13:06PM -0400, Jeff Bonner wrote:
> 2) The SHA1-96 hash should be better than MD5-96, correct?
Yes. MD5 has had some very minor breaks. It is easier to find
hash collisions than it should be. This means that it is possible to find
two messages that hash to the same value. You need to choose _both_
messages, so this doesn't help you e.g. make trojan binaries that have the
same MD5 hash as the originals.
See http://www.rsasecurity.com/rsalabs/faq/3-6-6.html.
> 3) Any reason you *wouldn't* want to use compression in SSH?
latency on interactive connections, esp. if your computer is slow.
However, someone else pointed out that compression could reduce the amount
of data to be encrypted, so compression can actually improve screen refresh
time (when displaying a screenful of text at once) under some circumstances.
--
#define X(x,y) x##y
Peter Cordes ; e-mail: X(peter@llama.nslug. , ns.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
- Follow-Ups:
- Re: SSH2 Encryption
- From: Sergio =?unknown-8bit?q?Rodr=EDguez_de_Guzm=E1n_Mart=EDnez?= <sguzman@inicia.es>