mullen@mpm.itd.nrl.navy.mil (Preston Mullen) (09/15/89)
Have horrible holes or other problems been found in secure NFS? Is it robust enough to be worth the trouble? I have been testing secure NFS and "C2" mode for several months, fixing up little problems, working around inadequate documentation, finding that some patches from Sun don't work under "C2" mode, etc. I'd like to know whether this has really been worth while, since we are contemplating more widespread use of these features. I _feel_ more secure, but I'd like to know if this is illusion or reality. I'm interested in both theoretical problems and implementation bugs. Thanks. Preston Mullen Code 5534 Information Technology Division Naval Research Laboratory Washington DC 20375-5000 P.S. If there is something truly horrible that you don't want to reveal to the net, you can reply to root@itd.nrl.navy.mil instead of the From: address.
gnu@toad.com (12/04/89)
Preston Mullen asked back in Sept. whether Secure NFS's security was
"illusion or reality". The short answer is it's illusion.
One of the ten-minute talks at Crypto '89 in August was on "Cryptanalysis
of Secure NFS" by Andrew Odlyzko (research!amo) and Brian LaMacchie. They
found that Sun had made errors in the implementation that resulted in the
system being relatively insecure as cryptographic systems go. Also,
finding discrete logarithms doesn't appear to be as hard as Sun expected
it to be, so the numbers Sun is using aren't big enough to avoid people
simply burning some CPU time to break the system. Andrew says he "gave
the job of breaking it to a bright summer student" (LaMacchie). You
should contact them for the full details.
There are also major holes in the way the system starts up; the password
for "root" is stored in a file in the file system, so the system can boot
up without having someone type a password.
John Gilmore {sun,pacbell,uunet,pyramid}!hoptoad!gnu gnu@toad.com
Just say *yes* to drugs. Use your *no*s for government bullshit.