Field slide attacks and how to avoid them.
Bill Stewart
bill.stewart at pobox.com
Tue Sep 18 23:18:21 EDT 2001
But XDR is so BORING compared to a REAL standard like ASN.1!
It doesn't have infinite possibilies for object definitions
requiring help from standards committees, multiple incompatible
data representations with different kinds of ambiguity,
or ugly API packages that are too large to believe that the
implementers debugged them adequately. That's just no fun at all!
(I realize it doesn't do everything in the world,
or have all the power, expressiveness, or bit-twiddling
that ASN.1 or even PGP/OpenPGP data formats have,
but there's a lot to be said for something that's minimal and works.)
At 04:50 PM 09/10/2001 -0400, Kevin E. Fu wrote:
>We use hashes of marshalled XDR representations of data in the SFS
>read-only file system [2]. This allows us to protect the integrity of
>public, read-only content without having to worry about simple
>splicing attacks. The eXternal Data Representation Standard is
>popular for implementing things like NFS [2, 4].
>...
>[0] 6.033 Spring 2001 Quiz 2. http://web.mit.edu/6.033/www/handouts/s01_2.ps
>[1] Dos and Dont's of Client Authentication on the Web, USENIX Security 2001,
> http://cookies.lcs.mit.edu/
>[2] NFS Version 3 Protocol Specification, RFC 1813
>[3] SFS Read-only File System, USENIX OSDI 2000, http://www.fs.net/
>[4] XDR: External Data Representation, RFC 1014
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list