
[Otpasswd-talk] GRC PPP newsgroup messages


From: Hannes Beinert
Subject: [Otpasswd-talk] GRC PPP newsgroup messages
Date: Wed, 9 Dec 2009 01:30:48 -0600

Tomasz,

I spent some time tonight (too much time, actually :-) re-reading some
of the old newsgroup messages on Gibson's newserver.  I remember that
you wrote that you had some trouble with the GRC groups, so I've
attached an archive containing a number of messages you might want to
scan, just to get an idea of what was going on while PPP was evolving.
I only copied those messages which seemed slightly interesting, and
started from late in the period where PPPv2 was being discussed.

One of the threads discusses the "best sequence key" search idea that
Gibson employs, and the reasons he does this.  Frankly, I do think it
is probably a good idea, although it's not critical.  Basically, he
evaluates sequence keys for the number of repeated passcodes within a
specified window.  He does this to reduce the likelihood that a replay
attack will succeed, as well as eliminating the possibility of two
identical passcodes appearing in close proximity on a (series of)
passcards, thereby upsetting an end-user who doesn't comprehend the
nature of "randomness" (:-).  The messages also show that Tom Fors was
quite skeptical of this approach.

I also stumbled across a reference that Gibson had actually salted the
counter initially, but had decided against it.  The reference is a bit
oblique, but I believe that was the general import of his message.  To
be clear, I don't think that what he writes invalidates our previous
discussion, but I just wanted to cite the message.  The message is:

     From: Steve Gibson <address@hidden>
     Subject: Re: OKAY -- PPPv2 stays EXACTLY as it is.
     Date: Thu, 8 Nov 2007 12:18:24 -0800
     Message-ID: <address@hidden>

Towards the end, there is also a quick exchange regarding the
replacement of SHA256 with AES in PPP, and how it would have the
advantage of increased entropy (more bits).

Hannes.

Attachment: PPP_Newsgroup.zip
Description: Zip archive
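
Added example, not part of the original message and not Gibson's or otpasswd's code: a sketch of the "best sequence key" check the message describes, scoring candidate keys by how many passcodes repeat within a window and keeping the lowest-scoring one. The passcode generator (HMAC-SHA256 over a counter), the alphabet, the window size and the function names are all assumptions standing in for PPP's real derivation.

```python
import hashlib
import hmac

# Assumed 64-symbol alphabet; a stand-in, not taken from the PPP specification.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def passcodes(sequence_key, count, length=4):
    """Stand-in generator: HMAC-SHA256(key, counter) mapped to `length` symbols.

    This is NOT the PPP derivation; it only supplies a keyed, deterministic
    passcode stream so the window check has something to score.
    """
    out = []
    for counter in range(count):
        msg = counter.to_bytes(16, "big")
        digest = hmac.new(sequence_key, msg, hashlib.sha256).digest()
        # 256 is a multiple of 64, so `b % 64` introduces no modulo bias.
        out.append("".join(ALPHABET[b % 64] for b in digest[:length]))
    return out


def count_window_repeats(codes, window):
    """Count passcodes that already appeared within the previous `window` codes."""
    last_seen = {}
    repeats = 0
    for i, code in enumerate(codes):
        prev = last_seen.get(code)
        if prev is not None and i - prev <= window:
            repeats += 1
        last_seen[code] = i
    return repeats


def best_sequence_key(candidates, count, window, length=4):
    """Return (repeats, key) for the candidate with the fewest in-window repeats."""
    scored = [(count_window_repeats(passcodes(k, count, length), window), k)
              for k in candidates]
    return min(scored, key=lambda s: s[0])


if __name__ == "__main__":
    # Constructed candidate keys, fixed so the run is reproducible.
    keys = [hashlib.sha256(b"candidate-%d" % n).digest() for n in range(8)]
    # 2-symbol codes (4096 values) make repeats frequent enough to compare keys.
    for k in keys:
        print(k.hex()[:16], count_window_repeats(passcodes(k, 2000, 2), 70))
    print("fewest repeats:", best_sequence_key(keys, 2000, 70, 2)[0])
```

With full-length passcodes almost every candidate scores zero, which is consistent with the message's remark that the search is not critical.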

