
Re: A hole in esp-stream-01



JMKELSEY@delphi.com wrote:
> Now, remember, we turned the high bit off in the ciphertext byte,
> and on in the plaintext byte.  What this means is that we subtracted
> 128 from the ciphertext byte, and added it back in the plaintext
> byte.  Thus, (C[4]* + P[4]*) = (C[4] + P[4]).
> 
> If we have to also deal with the CRC of this, so long as the CRC
> polynomial is known, we can just flip the bits that would have
> changed in the CRC, right?

Right. Consider my proposals to 'fix' esp-stream as retracted. It either has
to be a real (fast) MAC, or a note in the 'Security Considerations'. What do
you people prefer?

Germano
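
The point conceded above, that a CRC with a known polynomial adds no integrity under a stream cipher while a real MAC does, as an added example that is not part of the original message. The SHA-256 counter keystream, the `payload || CRC-32` packet layout and the HMAC-SHA256 tag are assumptions chosen for illustration, not the esp-stream format.

```python
import hashlib, hmac, zlib

def keystream(key: bytes, n: int) -> bytes:
    # Toy keystream (SHA-256 in counter mode), a stand-in for any stream cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crc(data: bytes) -> bytes:
    return zlib.crc32(data).to_bytes(4, "big")

def seal_crc(key: bytes, payload: bytes) -> bytes:
    # Assumed layout: stream-encrypt payload || CRC-32(payload).
    body = payload + crc(payload)
    return xor(body, keystream(key, len(body)))

def open_crc(key: bytes, packet: bytes):
    body = xor(packet, keystream(key, len(packet)))
    payload, tag = body[:-4], body[-4:]
    return payload if crc(payload) == tag else None

def crc_delta(delta: bytes) -> bytes:
    # CRC is affine over GF(2): crc(p ^ d) ^ crc(p) == crc(d) ^ crc(zeros).
    # The checksum change depends on the delta alone, not on p or the key.
    return xor(crc(delta), crc(bytes(len(delta))))

def flip_in_transit(packet: bytes, delta: bytes) -> bytes:
    # Key-less modification: XOR delta into the encrypted payload and the
    # matching CRC difference into the encrypted checksum.
    return xor(packet, delta + crc_delta(delta))

def seal_mac(enc_key: bytes, mac_key: bytes, payload: bytes) -> bytes:
    # Encrypt-then-MAC with HMAC-SHA256 over the ciphertext.
    ct = xor(payload, keystream(enc_key, len(payload)))
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_mac(enc_key: bytes, mac_key: bytes, packet: bytes):
    ct, tag = packet[:-32], packet[-32:]
    good = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None  # any bit flipped in transit is rejected here
    return xor(ct, keystream(enc_key, len(ct)))
```

With the high bit of byte 4 flipped, `open_crc` accepts the altered packet and returns the altered payload, while `open_mac` returns `None` for the same flip.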

