RE: very poor cygwin scp performance in some situations

[Igor Peshansky <pechtcha at cs dot nyu dot edu>]

On Tue, 28 Mar 2006, Dave Korn wrote:

> On 28 March 2006 16:32, Igor Peshansky wrote:
>
> >
> > I did read it.  The HSN patch is *much* more drastic than what I was
> > proposing.  Maybe I'm dense, but I don't see any impact on security from
> > changing the buffer size (as long as buffer overflows are properly
> > addressed).  After all, that buffer is used to store *encrypted* data,
> > right?
>
>   Trying to make inferences about these sorts of matters is incredibly
> difficult.
>
>   For instance, upping the buffer size to 64k might amplify the timing
> differences between successfully and unsuccessfully decrypted blocks enough to
> form a side-channel attack.
>
>   Or it might not, but the point is, that the kind of thing that looks like a
> direct and simple replacement of X for Y can have all sorts of unexpected
> knock-on consequences in crypto systems.
>
>   The SSH guys are probably right to err heavily on the side of caution.

Thanks for TITTTLing this.  In any case, I'm sure if I post something to
the openssh list, I'll get a detailed explanation of why I'm a naïve
newbie with no understanding of the security issues involved, plus the
full list of those issues.  At which point I'll crawl back into my hole to
digest it... :-)
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_	    pechtcha@cs.nyu.edu | igor@watson.ibm.com
ZZZzz /,`.-'`'    -.  ;-;;,_		Igor Peshansky, Ph.D. (name changed!)
     |,4-  ) )-,_. ,\ (  `'-'		old name: Igor Pechtchanski
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"