very poor cygwin scp performance in some situations
Dave Korn
dave.korn@artimi.com
Tue Mar 28 15:41:00 GMT 2006
On 28 March 2006 16:32, Igor Peshansky wrote:
>
> I did read it. The HSN patch is *much* more drastic than what I was
> proposing. Maybe I'm dense, but I don't see any impact on security from
> changing the buffer size (as long as buffer overflows are properly
> addressed). After all, that buffer is used to store *encrypted* data,
> right?
Trying to make inferences about these sorts of matters is incredibly
difficult.
For instance, upping the buffer size to 64k might amplify the timing
differences between successfully and unsuccessfully decrypted blocks enough to
form a side-channel attack.
Or it might not, but the point is, that the kind of thing that looks like a
direct and simple replacement of X for Y can have all sorts of unexpected
knock-on consequences in crypto systems.
The SSH guys are probably right to err heavily on the side of caution.
cheers,
DaveK
--
Can't think of a witty .sigline today....
More information about the Cygwin-talk
mailing list