[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

To: pmetzger@lehman.com
From: Steve Kent <kent@BBN.COM>
Date: Mon, 28 Feb 94 17:02:49 -0500
Cc: Phil Karn <karn@qualcomm.com>, iab-retreat@isi.edu, mobile-ip@ossi.com, ipsec@ans.net
In-Reply-To: Your message of Mon, 28 Feb 94 16:42:55 -0500. <9402282143.AA10246@andria.lehman.com>

Perry,

	I think you may have misinterpreted Phil's point.  The use of
a signed or encrypted hash, at any layer, is still an application of
crypto for autehntication and integrity and thus subject to different
export controls than crypto useful for generic confidentiality.
Phil's point was that use of confidentiality in bulk (e.g., at lower
layers) can be used to provide some security for password-based user
authentication with limited deployment problems.  In contrast,
end-to-end authentication technology requires widespread deployment to
provide fine-grained protection.

	Confidentiality is applied in many link layer contexts without
benefit of cryptographic authentication.  However, depending on the
mode of use of cryptography, and the underlying error detection
mechanism, your statement about confidentiality being equivalent to
crypto-based authentication may be false.  For example, use of DES in
OFB mode offers no protection against modification (through
unpredictable error propagation) and thus it would be feasible for an
attacker to modify valid, encrypted messages to yield encrypted
messages that also would pass the non-cryptographic integrity checks
employed in our network protocols.

Steve

References:

No Subject

From: "Perry E. Metzger" <pmetzger@lehman.com>

Prev by Date: No Subject
Next by Date: No Subject
Prev by thread: No Subject
Next by thread: No Subject
Index(es):
- Main
- Thread