[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IVs, summary of discussion

To: kent@BBN.COM (Steve Kent)
Subject: Re: IVs, summary of discussion
From: uri@watson.ibm.com
Date: Mon, 29 Aug 1994 19:15:26 -0500 (EDT)
Cc: karn@qualcomm.com, ipsec@ans.net
In-Reply-To: <199408292218.AA21734@interlock.ans.net> from "Steve Kent" at Aug 29, 94 06:15:49 pm
Reply-To: uri@watson.ibm.com

Steve Kent says:
> 	In principle, I agree with your observations, i.e., encryption
> need not confer authentication nor even be designed to support
> authentication.  The two are separable services (confidentiality and
> integrity, really, with authentication a side effect of key management
> for integrity).  However, I do worry about users who don't appreciate
> the difference selecting encryption only (because of a performance
> concern) and being vulnerable to attacks that they didn't understand.

Well, how about users whose applications are inherently resistent
to integrity-violation attacks, and who consciously care only
about privacy?
--
Regards,
Uri         uri@watson.ibm.com      acheron!angmar!uri 	N2RIU
-----------
<Disclamer>

Follow-Ups:

Re: IVs, summary of discussion

From: Steve Kent <kent@BBN.COM>

References:

Re: IVs, summary of discussion

From: Steve Kent <kent@BBN.COM>

Prev by Date: Re: IVs, summary of discussion
Next by Date: Re: IVs, summary of discussion
Prev by thread: Re: IVs, summary of discussion
Next by thread: Re: IVs, summary of discussion
Index(es):
- Main
- Thread