[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Proposed changes to ESP (andf a little AH too)
John Ioannidis says:
> I'm all in favour of doing the encryption first and the authentication
> after, so that on receipt we can authenticate before we receive, but
> wasn't there some cryptographic argument against that sort of thing?
The main argument against doing encryption first and auth second would
be - generally speaking there is no guarantee even if you verified the
CIPHERTEXT correctly, that the PLAINTEXT finally obtained is the same
as was sent.
--
Regards,
Uri uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>
Follow-Ups:
References: