Re: Generic CBC-MAC specification

[Ben Rogers <ben@Ascend.COM>]

Daniel Harkins writes:
>   The I-O resolution draft currently references Applied Cryptography
> for CBC-MACs. That was said to be inadequate and I'm merely trying
> to address the criticism. If most people feel that Applied Cryptography 
> is enough then I'll just leave it as it is. And I guess the burden is 
> on those who think it isn't enough since this involves a change. 
> 
>   Speak up now.

I was the one to convince Dan that Applied Cryptography was not
sufficient for RFC purposes.  (I was bothered because it was not free,
and no one could point me to a free specification.)  The biggest point,
however, is that AC does not make any mention of a standard method for
padding short input frames, which I made certain to do in my draft.
Moreover, there is not an adequate discussion of the security
implications of using CBC-MAC as a MAC (which I hope I've addressed
sufficiently in the discussion section of that draft).

Does anyone disagree with my rationale for another draft?


ben

---

Follow-Ups:

• Re: Generic CBC-MAC specification
• From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
• Re: Generic CBC-MAC specification
• From: "Derrell D. Piper" <ddp@network-alchemy.com>

References:

• Re: Generic CBC-MAC specification
• From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
• Re: Generic CBC-MAC specification
• From: Daniel Harkins <dharkins@cisco.com>

---

• Prev by Date: Re: PKI(Entrust) & IPsec
• Next by Date: Re: PKI(Entrust) & IPsec
• Prev by thread: Re: Generic CBC-MAC specification
• Next by thread: Re: Generic CBC-MAC specification
• Index(es):
  • Main
  • Thread