<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: "CIPE-list" <cipe-l,AT,inka,DOT,de>
Subject: CRC-32 and CipeX
From: "Hans Steegers" <hsx,AT,dds,DOT,nl>
Date: Sat, 27 Sep 2003 12:44:49 +0200
Reply-to: "Hans Steegers" <steegers,AT,steegers,DOT,nl>

Since the CRC-32 checksum is **possibly** a weakness that is **relatively**
easy to fix, I _intend_ to implement the following changes in my CipeX
patch:

*1* I will use the two remaining unused bits in the P-byte to specify which
checksum algoritm to use:
00: CRC-32 as in the current version
01: Another 32 bits checksum, improved algoritm (to be decided)
10: 64 bits checksum algoritm (to be decided).
11: 128 bits checksum algoritm (to be decided: MD5?).

* The checksum algoritm to use can be specified in the options file.
* I am looking for existing reliable checksum routines usable in kernel
space, so I don't have to re-invent wheels. (any input is welcome) Note that
libraries cannot be used in kernel space.
* It will increase the code size (3 additional cksm routines), but it allows
the user to decide the level of security against speed, and maintains
compatibility with the previous version.

*2* Another intended change is to decrease the life-time of the dynamic key,
or to make it configurable (any input is welcome).

This will address the most important issues with a minimum effort.

A complete overhaul of the packet format etc. is not urgent and should be
combined with a new implementation using kernel services in the new 2.6
kernel, as outlined in a previous posting.

**IMPORTANT NOTE**
This patch will NOT become available for COMMERCIAL use until my work if
FULLY paid by those greedy selfish sharks making a lot of money from other
peoples work, without giving anything back to the community, but FUD.

Have fun,

__________________________________________________
Hans Steegers


<< | Thread Index | >> ]    [ << | Date Index | >> ]