[MUD-Dev] SSH Encryption on data stream

Amanda Walker amanda at alfar.com
Sat Oct 11 14:26:23 New Zealand Daylight Time 2003


On Friday, October 10, 2003, at 03:44 PM, Brian Hook wrote:

> Using industrial strength crypto would likely cause serious
> performance problems.

Only on the server side, but it would certainly be an added hardware
expense at the server end.  On the client side, an modern gaming PC
can encrypt a single connection using AES or 3DES at 100Mbps without
much CPU impact.

> Also, SSH is a TCP protocol, so you couldn't use
> "my-game-over-SSH" as an option if you are UDP based.

Very much agreed.  IPSEC might be a better choice, since (a) it'll
work with any kind of traffic, and (b) you can buy off the shelf
IPSEC accelerators for your data center.  That said, nothing will
stop a hacker from finding a place to interpose a sniffer as long as
your client runs on a PC.

Better to not depend on your network link being secret for hack
resistance.

Amanda Walker
_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev



More information about the MUD-Dev mailing list