Date: Mon, 18 Jan 1999 05:14:21 GMT From: jbg@masterplan.org (Jason George) To: freebsd-security@FreeBSD.ORG Subject: Re: SKIP algorithm mismatch: FBSD vs Solaris Message-ID: <199901180513.WAA23546@gongshow.masterplan.org>
next in thread | raw e-mail | index | archive | help
The Solaris package version is the global version (512-bit) of the SKIP binary, whereas the FreeBSD port is the U.S./Canada version (2048-bit). I ordered the Windows version online a few months ago and downloaded via the Sun website. It only supported the RC2/RC4 algorithms. It took me a full week of persistent bugging to get Sun to tell me that the only way to obtain the 2048-bit version was to have them ship me a copy to a verified North American address. The bottom line is that all of the web-downloadable SKIP binaries are only compiled to run at "global" level encryption strength. I'm quite confident that the $$$ version of Solaris SKIP will support stronger encryption. I'm also confident that if you compiled the Solaris version from scratch, it would support stronger encrytion. Hope this helps. --Jason j.b.george<at>ieee.org jbg<at>masterplan.org >I've got a FBSD<-internet->Solaris setup and I'd like to run IP-level >encryption between them. I installed skip-1.0 from the FBSD port >collection and did a pkgadd of the Solaris skip-1.1 from >http://skip.incog.com/. > >Unfortunately, it seems they don't share any crypto algorithms. Am I >out of luck? If so, what non-skip alternatives might I have? > >thanks! >-david. > >On FreeBSD (Skip 1.0): ># skipstat -C > >Cryptographic algorithms (SKIP version 1): >Crypto Module Id: 1 Crypto Name: DES-CBC >Crypto Module Id: 10 Crypto Name: simplecrypt > >Cryptographic algorithms (SKIP): >Crypto Module Id: 1 Crypto Name: DES-CBC >Crypto Module Id: 2 Crypto Name: DES-EDE-K3 >Crypto Module Id: 241 Crypto Name: Safer-128SK-CBC >Crypto Module Id: 252 Crypto Name: simplecrypt > >MAC algorithms (SKIP): >MAC Module Id: 1 MAC Name: MD5 > >On Solaris (Skip 1.1): ># skipstat -C > >Cryptographic algorithms (SKIP version 1): >Crypto Module Id: 2 Crypto Name: RC2-40 >Crypto Module Id: 3 Crypto Name: RC4-40 > >Cryptographic algorithms (SKIP): >Crypto Module Id: 240 Crypto Name: RC4-40 >Crypto Module Id: 242 Crypto Name: RC2-40 > >MAC algorithms (SKIP): >MAC Module Id: 1 MAC Name: MD5 > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901180513.WAA23546>