VPN-1 FWZ

Rodney Thayer rodney at TILLERMAN.TO
Mon Jan 24 09:33:58 EST 2000


[If there's a Checkpoint person in the room I'm sure they'll
overtake this comment ;-) ]

FWZ is a proprietary algorithm/scheme.  As such, its use is
severely frowned upon by the crypto/security plumbing community.
It's not published, which means there's no peer review.

In all fairness, you CAN use real algorithms, such as 3DES, with
that product, but you should think carefully before using anybody's
proprietary undocumented unaudited unanalyzed crypto.  It's hard enough
finding safe choices among the validated ones.

At 12:11 PM 1/22/00 +0100, Markus Hofmann wrote:
>Hello!
>
>Does anyone have detailed protocol descriptions about Checkpoint VPN-1 FWZ
>Authentication Protocol and Encryption Algorithm?
>O.k. I already read, that they use DH, 512 Bits RSA Keys, CAST, DES, 3DES
>and so on - but no detailed protocol description how all the stuff is
>fitted together in FWZ (i.e. how the authentication like SecurID or S/Key
>is integrated in this protocol).
>
>yours sincerely
>
>M. Hofmann
>
>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>Markus Hofmann          Phone:    +49 170 2848250
>St. Urbanusstr. 15      Fax:      +49 9371 2032
>                        E-Mail:   hofmann at hofmar.de
>63927 Buergstadt        SMS-Mail: sms at hofmar.de (Only Subject)
>Germany                 PGP-Keys: look at http://www.hofmar.de
>---------------------------------------------------------------------
>         Only written with 100% recyclable electrons!
>
>VPN is sponsored by SecurityFocus.COM
>
