RE: The Register: OpenVMS among most-secure of operating systems

From: Dan Allen (dallen_at_nist.gov)
Date: 01/22/04

• Next message: Michael D. Ober: "VMS authentication to Windows AD"
• Previous message: JF Mezei: "Re: [ANN] First Annual VAXUS Symposium in Paris (French communiqué)"
• Maybe in reply to: Keith Parris: "The Register: OpenVMS among most-secure of operating systems"
• Next in thread: Bob Koehler: "Re: The Register: OpenVMS among most-secure of operating systems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: Thu, 22 Jan 2004 09:46:40 -0500

> -----Original Message-----
> From: Bob Koehler [mailto:koehler@eisner.nospam.encompasserve.org]
> Sent: Thursday, January 22, 2004 8:41 AM
> To: Info-VAX@Mvb.Saic.Com
> Subject: RE: The Register: OpenVMS among most-secure of operating
> systems
>
>
> In article <BCEGLBGJDODLELBJIADKKECMCMAA.dallen@nist.gov>, "Daniel Allen" <dallen@nist.gov> writes:
>
> > It helps if you start with security as job 1.
>
> I would not claim that for VMS 1 on VAXen. (Not a great password
> encryption algorithm.) It really did start to hit the ground on
> security at about VMS 4.0, and after a well known non-technical hack.

        Nor stable at V1 ;-) hence the installation of V2. A 32 bit virtual address space was obviously the primary design goal of
VAX/VMS. I was simply alluding to the number of security features, VAX calling standard, system of named priviliges, consistent
system service parameter checking, ... that was present even at that early stage. That showed a serious early on focus on a robust
security model - weak password algorithm et al not withstanding. That's an item missing from the ingredient list of the Snake Oil(s)
shipping at that time.

Dan
>
>
>

---

• Next message: Michael D. Ober: "VMS authentication to Windows AD"
• Previous message: JF Mezei: "Re: [ANN] First Annual VAXUS Symposium in Paris (French communiqué)"
• Maybe in reply to: Keith Parris: "The Register: OpenVMS among most-secure of operating systems"
• Next in thread: Bob Koehler: "Re: The Register: OpenVMS among most-secure of operating systems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: Update on my Enc+Auth Mode ... > through the encryption algorithm (that has the effect ... in OCB he never proves that OCB is secure. ... under certain instances you reduce OCB to the security of the cipher. ... (sci.crypt) Re: Encryption key changing the encryption logic. ... and the security is in the key. ... > the key could build part of the logic inside the encryption algorithm? ... to mean that the crypto system itself is fully transparent and that all the ... Let's suppose we change gears slightly and consider the key to be a "tape" ... (sci.crypt) Re: Password length and bit number of encryption algorithm? ... The password factor and the encryption algorithm choice factor are two ... somewhat independent security issues to consider. ... On the other side it will be pointless to use a robust password model ... that allow to use an huge keyspace if the encryption algorithm used is ... (sci.crypt) Re: Password length and bit number of encryption algorithm? ... The password factor and the encryption algorithm choice factor are two ... somewhat independent security issues to consider. ... On the other side it will be pointless to use a robust password model ... that allow to use an huge keyspace if the encryption algorithm used is ... (sci.crypt) Re: TEA security ... > How does TEA (Tiny Encryption Algorithm) hold up in terms of security? ... Lack of any sound theory and the design paper lacks test vectors. ... (sci.crypt)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)