encryption

[Aleksandar <al...@gmail.com>]

Hello,
I want to encrypt traffic from my mina client to my mina server. I can
do that with SSL but due to traffic limitations is not possible.
Is it possible to use block cipher and how? Does block cipher
generates less traffic than SSL?

RE: encryption

[Benoit Hudzia <be...@gmail.com>]

Compression filter is only useful when you start transferring lots of data
to balanced the fact that it take a substantial amount of time to compress /
decompress. For small message the time taken for compressing uncompressing
is counterbalanced by the actual time it takes to transmit the data.
One solution for your problem is going for XML encryption ( check the
XML-SEC from apache project ) , but you still need to solve the problem of
key exchange. And the computational cost is not trivial on PDA and other. So
far most of PDA don't really use encryption unless they have dedicated
hardware to offload it.




-----Original Message-----
From: Aleksandar [mailto:aleksandar.valchev@gmail.com] 
Sent: 31 August 2006 15:22
To: mina-dev@directory.apache.org
Subject: Re: encryption

I though about compression filter, but the server must be available
from different platforms including PDA and other widgets and I do not
know is it reasonable.

I mostly transfer data in following format:
short
int
float
float
Size is 2 + 4 + 4 + 4 = 14 bytes.
Thouse bytes must be encrypted with cipher that is available on
different platforms and probably in different languages.

Re: encryption

[Vinod Panicker <vi...@gmail.com>]

On 8/31/06, Aleksandar <al...@gmail.com> wrote:
> I though about compression filter, but the server must be available
> from different platforms including PDA and other widgets and I do not
> know is it reasonable.
>
> I mostly transfer data in following format:
> short
> int
> float
> float
> Size is 2 + 4 + 4 + 4 = 14 bytes.
> Thouse bytes must be encrypted with cipher that is available on
> different platforms and probably in different languages.

First of all, I'd like you to seriously consider the implications of
using a block cipher between hosts that are previously unknown to each
other. The key-exchange issues are not trivial, and nor are the
security implications.

If you want bullet-proof security, then SSL is the way to go.

If you just want obfuscation, then the compression filter might do the
trick for you. Its based on zlib, for which implementations are
available on all platforms.  Languages are not an issue with either,
since the work is being done on byte streams.

Regards,
Vinod.

Re: encryption

[Aleksandar <al...@gmail.com>]

I though about compression filter, but the server must be available
from different platforms including PDA and other widgets and I do not
know is it reasonable.

I mostly transfer data in following format:
short
int
float
float
Size is 2 + 4 + 4 + 4 = 14 bytes.
Thouse bytes must be encrypted with cipher that is available on
different platforms and probably in different languages.

Re: encryption

[Trustin Lee <tr...@gmail.com>]

What do you think about applying the compression filter together?  Just
curious.

On 8/31/06, Benoit Hudzia <be...@gmail.com> wrote:
>
> I m not sure that it will generate less traffic.
> Depending of the block cipher you use you still need to exchange keys
> (like
> a diffie hellman  method). You can use static one but if you do it leads
> to
> security problems.
> On top of that most block cipher pad their message to avoid size attack.
> So
> it won't really reduce the amount of traffic unless you use non padded
> block
> cipher witch leads to potential security hole again.
> And I don't really see what traffic limitation you have to need to avoid
> using TLS ??
>
>
> -----Original Message-----
> From: Aleksandar [mailto:aleksandar.valchev@gmail.com]
> Sent: 31 August 2006 11:54
> To: mina-dev@directory.apache.org
> Subject: encryption
>
> Hello,
> I want to encrypt traffic from my mina client to my mina server. I can
> do that with SSL but due to traffic limitations is not possible.
> Is it possible to use block cipher and how? Does block cipher
> generates less traffic than SSL?
>
>


-- 
what we call human nature is actually human habit
--
http://gleamynode.net/
--
PGP key fingerprints:
* E167 E6AF E73A CBCE EE41  4A29 544D DE48 FE95 4E7E
* B693 628E 6047 4F8F CFA4  455E 1C62 A7DC 0255 ECA6

RE: encryption

[Benoit Hudzia <be...@gmail.com>]

I m not sure that it will generate less traffic.
Depending of the block cipher you use you still need to exchange keys (like
a diffie hellman  method). You can use static one but if you do it leads to
security problems.
On top of that most block cipher pad their message to avoid size attack. So
it won't really reduce the amount of traffic unless you use non padded block
cipher witch leads to potential security hole again.
And I don't really see what traffic limitation you have to need to avoid
using TLS ?? 


-----Original Message-----
From: Aleksandar [mailto:aleksandar.valchev@gmail.com] 
Sent: 31 August 2006 11:54
To: mina-dev@directory.apache.org
Subject: encryption

Hello,
I want to encrypt traffic from my mina client to my mina server. I can
do that with SSL but due to traffic limitations is not possible.
Is it possible to use block cipher and how? Does block cipher
generates less traffic than SSL?