RE: Fwd: [DES-ANNOUNCE] New clients and 'spamming'

James Johnson (plexus@seanet.com)
Mon, 05 May 1997 13:38:24 -0700


At 04:01 PM 5/5/97 -0400, you wrote:
>On Mon, 5 May 1997, James Johnson wrote:
>
>All this does is make sure that a client actually requested a keyblock
>before it returned the result. A trivial way to bypass this is:
>
>while(1) {
> RequestBlock();
> /* NOP */
> ReplyNotFound();
>}

I can't believe I was that short sighted. Wow that was embarrassing. ;)

I was working on the premise that deschall code was not easily gotten. Even
if it were the encryption method (module) could be held 'secret' and not
released. For our purposes all we would need is to buy time. Of course this
does not rule out the fact people could still reverse engineer the
assembler to get the algorithm used.

---
/****************************************************************
* "Mediocrity knows nothing higher    * James B. Johson
* than itself; but talent instantly   * plexus@seanet.com 
* recognizes genius"                  * james_johnson@sierra.com
*                                     *
*                                     * "Do or do not. There is 
*              Sir Arthur Conan Doyle *  no try." Yoda
*                                     * 
*                                     * "If knowledge is power, 
*                                     *  than a god am I."  
*                                     *     The Riddler    
*                                     *  
****************************************************************/

Crack DES now!! http://www.frii.com/~rcv/deschall.htm