[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Results of quick survey

To: Lewis McCarthy <lew@cs.cornell.edu>
Subject: Re: Results of quick survey
From: Steve Crocker <crocker@cybercash.com>
Date: Thu, 23 May 1996 08:44:59 -0400
Cc: uri@watson.ibm.com, ipsec@TIS.COM
Sender: ipsec-approval@neptune.tis.com

At 7:58 PM 5/22/96, Lewis McCarthy wrote:
>Does anyone think it might be worthwhile to authenticate _both_ inside and
>outside the encryption ?  I.e. HMAC(DES-CBC(HMAC(data)))

Yes, I wondering the same thing.  And if one is going to authenticate both
inside and outside, is there an opportunity to share some of the work.
E.g.other than violating layering rather grossly, what else is wrong with
computing the hash of the plain text, the hash of the ciphertext and then
just one signature covering both hashes?  Two hash computations are still
required, and the receiver could still elect elect to ignore the outer
hash, but the cost would be lower and the tendency to ignore this outer
check would be lessened.

Steve

--------------------
Steve Crocker                                     Main: +1 703 620 4200
CyberCash, Inc.                                   Desk: +1 703 716 5214
2100 Reston Parkway                               Fax:  +1 703 620 4215
Reston, VA 22091                                  crocker@cybercash.com

Follow-Ups:

Re: Results of quick survey

From: Uri Blumenthal <uri@watson.ibm.com>

Prev by Date: Re: Whatever happend to compression?
Next by Date: Re: Results of quick survey
Prev by thread: Re: Results of quick survey
Next by thread: Re: Results of quick survey
Index(es):
- Main
- Thread