[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (Fwd) Authentication and encryption.




> I don't think so because smart attacker could devise methods to
> tamper with the data without disturbing a "normal" integrity check,
> designed to stop garbage (i.e. not a malicious attack).

The CRC under the encryption is not a "normal" integrity check. "Normal"
integrity checks are over the entire encrypted packet and protect the data from
random noise. i.e. CRC32 on Ethernet.

Is it your assertion that "that the attacker must know the key" to reliabily
change the data can not be proven?

jim




Follow-Ups: References: