Login functionality

Dagmar d'Surreal dagmar.wants at nospam.com
Wed Feb 18 10:19:38 PST 2004

On Wed, 2004-02-18 at 06:01, Christopher James Coleman wrote:

> As a side note, encrypted logs tend to be inherently weaker than normal
> encrypted data. This is because they consist of a standard output format.
> This makes cryptanalysis much easier. For example, if a user can trigger a
> logging event by some action it is not that difficult to work out what
> they have done -- repeat the event ad nauseum, and you have a lot of
> predictable plain-text underneath that encrpytion.

This is _very_ true.  Chosen/known plaintext attacks, especially with a
sizeable volume of data, severely weaken the strength of the cipher.

> In general though, it is probably a good idea. In a book I was reading, it
> also suggests using incremental nonces in order to aid in verifying log
> integrity. I think I remember them also saying that no current `syslog'
> style utility does this.

Syslog-ng does, or so I thought.
The email address above is phony because my penis is already large enough, kthx. 
              AIM: evilDagmar  Jabber: evilDagmar at jabber.org

More information about the hlfs-dev mailing list