[Home] [Groups] - Message: [Prev in Group] [Next in Group]
28925: Re: [MUD-Dev] SSH Encryption on data stream
[Full Header] [Plain Text]
From: Amanda Walker <amanda@alfar.com>
Newsgroups: nu.kanga.list.mud-dev
Date: Sat, 11 Oct 2003 14:26:23 -0400
References: [1]
Organization: Kanga.Nu
On Friday, October 10, 2003, at 03:44 PM, Brian Hook wrote:
> Using industrial strength crypto would likely cause serious
> performance problems.
Only on the server side, but it would certainly be an added hardware
expense at the server end. On the client side, an modern gaming PC
can encrypt a single connection using AES or 3DES at 100Mbps without
much CPU impact.
> Also, SSH is a TCP protocol, so you couldn't use
> "my-game-over-SSH" as an option if you are UDP based.
Very much agreed. IPSEC might be a better choice, since (a) it'll
work with any kind of traffic, and (b) you can buy off the shelf
IPSEC accelerators for your data center. That said, nothing will
stop a hacker from finding a place to interpose a sniffer as long as
your client runs on a PC.
Better to not depend on your network link being secret for hack
resistance.
Amanda Walker
_______________________________________________
MUD-Dev mailing list
MUD-Dev@kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev