Path: utzoo!dptcdc!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!SUN.COM!cpj
From: cpj@SUN.COM (Chuck Jerian)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: Secure access over TCP/IP networks.
Message-ID: <8904162016.AA28265@sparky.sun.com>
Date: 16 Apr 89 20:16:52 GMT
References: <4814@ditmela.oz>
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: cpj@Sun.COM (Chuck Jerian)
Organization: Sun Microsystems, Mountain View
Lines: 8

>Why not use a a four byte key, a magic number and the low byte to xor...

A four byte key is too short.  It invites a search of the key space.
Also xoring the data one byte at a time with the low byte is suspect.
A much sounder scheme would be to use cipher block chaining and des.

One problem with telnet is that data is sent out of band for commands,
and this causes trouble keeping a cbc synchronized on both ends.