Re: Results of quick survey

["PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>]

I'll vote for SHA for all uses (AH, ESP) and hashing inside the encryption  
(ESP conf & integrity) ...  
  
  
Paul

-- BEGIN included message

• To: Phil,Karn,karn@qualcomm.com
• Subject: Re: Results of quick survey
• From: "Uri Blumenthal " <ipsec-approval@neptune.tis.com>
• Date: 22 May 96 17:40:32
• Cc: ipsec@tis.com
• Reply-to: uri@watson.ibm.com

Phil Karn says:
> One point about the relative ordering of authentication and encryption.
> Even though I can now do DES pretty fast, it's still true that if you
> wrap encryption outside authentication then you still have to perform
> both algorithms to determine that the packet is bogus. 

On the other hand, it is considered best to authenticate the
"final result" date, which is the plaintext. For "proving"
that this encrypted data was "kosher" strictly speaking,
is NOT equivalent to "proving" that the decrypted data
is what was sent (i.e. it may decrypt to different
things under different keys and so on)...

Do we care? [I understand your concern about performance.]
-- 
Regards,
Uri		uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>

-- END included message

---

• Prev by Date: Yet another SHA/MD5 comment .... my last
• Next by Date: Re: sha vs. md5
• Prev by thread: Re: Results of quick survey
• Next by thread: WG Last Call: AH Transforms to Proposed Standard
• Index(es):
  • Main
  • Thread