[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed changes to ESP (andf a little AH too)

To: uri@watson.ibm.com
Subject: Re: Proposed changes to ESP (andf a little AH too)
From: Rodney Thayer <rodney@sabletech.com>
Date: Sun, 23 Mar 1997 15:04:42 -0500
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

Would that mean that a transform combination of (outer AH, ESP, and inner
AH) be useful?  Or, of course, AH and ESP-with-authentication.

At 01:20 PM 3/23/97 -0500, you wrote:
>John Ioannidis says:
>> I'm all in favour of doing the encryption first and the authentication 
>> after, so that on receipt we can authenticate before we receive, but
>> wasn't there some cryptographic argument against that sort of thing?
>
>The main argument against doing encryption first and auth second would
>be - generally speaking there is no guarantee even if you verified the 
>CIPHERTEXT correctly,  that the PLAINTEXT finally obtained is the same
>as was sent.
>-- 
>Regards,
>Uri		uri@watson.ibm.com
>-=-=-=-=-=-=-
><Disclaimer>
>
>

--------
Rodney Thayer <rodney@sabletech.com>
PGP: BB1B6428 409129AC  076B9DE1 4C250DD8

Prev by Date: Re: Proposed changes to ESP (andf a little AH too)
Next by Date: Re: Proposed changes to ESP (andf a little AH too)
Prev by thread: Re: Proposed changes to ESP (andf a little AH too)
Next by thread: Re: Proposed changes to ESP (andf a little AH too)
Index(es):
- Main
- Thread