In article <010801c064d0$b64193a0$6000a8c0@em>, Enzo Michelangeli <[EMAIL PROTECTED]> wrote: >Apart from the parallelization-friendliness, wouldn't the same result be >achieved by encrypting the concatenation of the plaintext with a MAC >implemented through a fast error detection code (say, a sufficiently long >CRC)? Due to the presence of encryption, the security properties of the >inner MAC don't appear to really matter (as they would in the "DES-CBC >first, then HMAC-MD5" scenario mentioned in the draft for comparison). I may be misunderstanding what you are suggesting, but the construction that uses an encrypted CRC as a MAC is insecure. Eg. Stubblebine & Gligor[1] show attacks on protocols which encrypt the concatenation of a packet and a CRC-32 using DES-CBC. The properties of the MAC, encrypted or not, do appear to matter. I think, though, that the "parallelization-friendliness" of the result is much more interesting than being able to encrypt and MAC at the same time. - Nikita [1] "On Message Security in Cryptographic Protocols", IEEE Symposium on Security & Privacy, Oakland 1992.
- Re: IBM press release - encryption and authenti... Rodney Thayer
- Re: IBM press release - encryption and auth... Bram Cohen
- Re: IBM press release - encryption and ... Nikita Borisov
- Re: IBM press release - encryption ... Greg Rose
- Re: IBM press release - encryp... Nikita Borisov
- Re: IBM press release - encryption and authenti... Rich Salz
- Re: IBM press release - encryption and auth... Bram Cohen
- Re: IBM press release - encryption and auth... Paul Crowley
- Re: IBM press release - encryption and authenticatio... Steven M. Bellovin
- Re: IBM press release - encryption and authenti... Enzo Michelangeli
- Re: IBM press release - encryption and auth... Nikita Borisov
- Re: IBM press release - encryption and ... Bram Cohen
- Re: IBM press release - encryption and ... Enzo Michelangeli
- Re: IBM press release - encryption ... David Wagner
- Re: IBM press release - encryp... Enzo Michelangeli
- Re: IBM press release - encryp... Ben Laurie
- Re: Re: IBM press release - encryption and authentic... sao19677
- Re: IBM press release - encryption and authenticatio... Nikita Borisov
- Re: IBM press release - encryption and authenticatio... William Allen Simpson
- Re: IBM press release - encryption and authenti... David Wagner
- Re: IBM press release - encryption and auth... William Allen Simpson