[GTALUG] Netgear 5-port Gigabit switch -- $10 ?

[Lennart Sorensen]

On Sun, Mar 27, 2016 at 11:39:35AM -0400, Alvin Starr wrote:
> I do not know for sure but It was my understanding that if you know the
> payload it is possible to back calculate the encryption keys and
> invariably switches sent a standard banner and a Username: Password:.
> There may be better security with key based login and no password.
> On the other hand I am sure the encryption is good enough to stop all
> but nation states or folks like SPECTRE or KAOS.

It is not that simple.  DH key exchange works and has been used for a
long time now because it works.

> True but you also end up with standard pages on each login.

Good crypto protocols are very much designed to not be trivial to break
even with some known plain text.  It is a known obvious attack so they
are designed to protect against exactly that.

-- 
Len Sorensen