| To: | cipe-l,AT,inka,DOT,de |
| Subject: | RE: CRC32 - thoughts on Gutmann response |
| From: | "Eric M. Hopper" <hopper,AT,omnifarious,DOT,org> |
| Date: | Fri, 26 Sep 2003 01:26:35 -0500 |
| In-reply-to: | <944775566166B64B9A2DD5EE0159B5CDBA2A@europa.directory.futurefoundations.com> |
| Organization: | Omnifarious Software |
| References: | <944775566166B64B9A2DD5EE0159B5CDBA2A@europa.directory.futurefoundations.com> |
On Fri, 2003-09-26 at 00:47, Joseph Jamieson wrote:
> To more people than you would think, security just isn't a major factor.
> Cipe is very easy to install and run, it's solid as a rock, and it
> includes some good encryption. Not to mention it's nice and fast.
>
> It's not the perfect security model, but for a good many people, it Just
> Works.
>
> At my company, we have set up cipe between many small offices quite
> successfully. They do e-mail and other such things over it, usually
> with low end DSL lines and cable modems. Heavy duty unbreakable
> security just isn't too important; if someone is going to spend enough
> time to crack the session and read the data, they'd see a whole lot of
> nothing.

Good security isn't just for you, it's for everybody you share the Internet with. Once a tool can be shown to have weaknesses that can be fixed, they should be fixed, no excuses, no "it's good enough for my purpose", none of that. That way leads one day to an Internet that's completely unusable for the vast majority of people because of DDoS attacks and whatever else.

I'm not saying that if CIPE isn't fixed right now that it's a total disaster. I'm just saying that this kind of argument against fixing something isn't at all valid, and not worth paying attention to.

> If someone could come up with a VPN that was as firewall friendly, fast,
> and as easy to set up as cipe, but with all the latest and greatest
> security measures, great! If not, I'll still use it, at least until all
> the theory is proven and someone actually cracks cipe.

This, I sort of agree with. What should happen is that CIPE should be fixed. It's possible that OpenVPN and CIPE should be merged. IMHO, IPSEC should be completely abandoned because it's too complex to implement securely or even interoperably. The utter simplicity (comparatively anyway) of configuring CIPE means it should stay around. Complexity is the enemy of security.

The minor modifications that would make it more secure aren't very difficult to implement, and don't add significantly to the complexity of the protocol or the complexity of the implementation. Unfortunately, they do mean that a new, incompatible protocol needs to be created.

> Nobody said cipe was a replacement for SSL/SSH. What an ignorant
> bastard.

Simply because his tone was snotty, snide and incendiary doesn't mean the points aren't valid. It is clear that he didn't study CIPE as carefully as he could've, but he wasn't being paid for a security audit, was he?

When one gets things for free, like the attention of someone who mostly knows what they're talking about, it's good to try to pull out the useful things and ignore the not so useful things. That's the lubricant that greases the Open Source world.

Have fun (if at all possible),
--
There's an excellent C/C++/Python/Unix/Linux programmer with a wide
range of other experience and system admin skills who needs work.
Namely, me. http://www.omnifarious.org/~hopper/resume.html
-- Eric Hopper <hopper,AT,omnifarious,DOT,org>