Path: utzoo!attcan!uunet!aplcen!samsung!cs.utexas.edu!sun-barr!lll-winken!maddog!brooks From: brooks@maddog.llnl.gov (Eugene Brooks) Newsgroups: comp.windows.x Subject: Re: Security extensions to X Message-ID: <41053@lll-winken.LLNL.GOV> Date: 9 Dec 89 07:03:16 GMT References: <8912072350.AA26289@kanga.lcs.mit.edu> Sender: usenet@lll-winken.LLNL.GOV Reply-To: brooks@maddog.llnl.gov (Eugene Brooks) Organization: Lawrence Livermore National Laboratory Lines: 25 In article <8912072350.AA26289@kanga.lcs.mit.edu> jim@EXPO.LCS.MIT.EDU writes: >There is growing interest within various members of the Consortium for an >extension that will provide at least B2 security. Given that the DoD has >indicated that it would like to see secure window systems within the next 2-3 >years, there will probably be an effort starting up in the next year or so. The issue has been given some thought here, the notion however is more general that just X and covers the whole issue of security of compartmentalized information on a network where any node can snoop for data without being seen. One possibility is to persue a similar tact as that used by SUN for secure NFS. Use DES (or better) encrypted TCP/IP, each pair of nodes for which secure communication must occur share a key for the link. TCP/IP packets evidently have source and destination address fields, and one simply encripts the data in the packet according to the agreed upon key between the two nodes. Each link between two nodes has a unique key, and the encription can be as nasty as is required for the data. Some "spy" node listening to the channel will only get hash. This is probably not fool proof. There are probably a lot of headers and other frequently occuring patterns in the data transferred by X. A good example would be commonly used background tiles and such. The classic weakness of having both the clear text and the encrypted text for a message does a good job a compromizing the key. It is probably sufficient for compartmentalizing information, where all people with physical access to the network are suitably cleared. brooks@maddog.llnl.gov, brooks@maddog.uucp