Next: Background Up: Secure Telnet Previous: List of Figures

Introduction


Telnet is a protocol, and an application with the same name, which allows users to log in on remote computers.

Most Telnet applications in use today provide no security to their users. All data is sent in plain-text format. This means that an adversary can obtain passwords and other sensitive material just by monitoring the data link. An active intruder can modify the transferred data, and even insert new data into the data flow. The traditional, insecure Telnet protocol [2] will not detect this.

Telnet is normally used in TCP/IP networks, but the protocol definition is independent of the underlying network. By adding security functions to the Telnet protocol, we get a secure communication system which is independent of the security provided by the underlying network.

This thesis proposes solutions to the following problems:

The solutions are based on existing standards and cryptological methods. It is the intention that a complete, working Secure Telnet application can be implemented based on the standards proposed in this thesis.

This thesis considers only the protocol-specific and cryptological issues. The user interface and installation issues are mentioned only briefly.

Chapter 2 describes protocol standards, cryptographic algorithms and the PGP program. Chapter 3 contains the main part of the thesis, the goals and design of the proposed authentication, encryption, and integrity options. Chapter 4 discusses the proposed solutions and adds some recommendations on their use. The last chapter sums up the main design choices and what is gained by making them.



Asgaut Eng
Wed Apr 10 14:07:30 MET DST 1996