[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(Fwd) Authentication and encryption.

To: IPsec@ans.net
Subject: (Fwd) Authentication and encryption.
From: hughes@hughes.network.com (James P. Hughes)
Date: Wed, 31 Aug 1994 09:04:21 -0500
Cc: Ken.Hardwick@nsco.network.com

To: Steve Kent <kent@bbn.com>, uri@watson.ibm.com

I agree that encryption by itself does not create authentication.

I agree that strong authentication is necessary for things like contract and
other -non-reputable- applications.

What I am curious about is the combination of

	-strong encryption is used over
	-some form of message integrity check to detect garbage being sent in.
	 (Something much simpler than MD5.)

If the encryption is strong and the probability of garbage passing the
integrity check is low enough (2^-64 or less), then the knowledge of the shared
secret should be authentication of the source. If one can prove that to create
a valid integrity check one must calculate it against the data in the clear and
prove that the attacker must know the key. If you know only the sender (and
you) know the key, then authentication is proven.

Why would this not be acceptable for general traffic authentication when the
traffic is already being encrypted?

jim

Follow-Ups:

Re: (Fwd) Authentication and encryption.

From: uri@watson.ibm.com

Prev by Date: Re: IVs, summary of discussion
Next by Date: Re: (Fwd) Authentication and encryption.
Prev by thread: Re: IPSEC requirements
Next by thread: Re: (Fwd) Authentication and encryption.
Index(es):
- Main
- Thread