Kuehn, Ulrich wrote: > > >> -----Original Message----- From: Ben Laurie >> [mailto:[EMAIL PROTECTED] Sent: Samstag, 9. September 2006 22:39 >> To: Adam Back Cc: Travis H.; Cryptography; Anton Stiglic Subject: >> Re: IGE mode is broken (Re: IGE mode in OpenSSL) >> > [...] >> In any case, I am not actually interested IGE itself, rather in >> biIGE (i.e. IGE applied twice, once in each direction), and I don't >> care about authentication, I care about error propagation - >> specifically, I want errors to propagate throughout the plaintext. >> >> In fact, I suppose I do care about authentication, but in the >> negative sense - I want it to not be possible to authenticate the >> message. >> > > Do I understand correctly? You do want that nobody is able to > authenticate a message, however, it shall not be intelligible if > manipulated with?
Correct. Minx (which is the only place I use IGE) avoids traffic marking attacks in two ways: a) all messages are "correct" b) any attempt to mark a message results in its complete corruption See the Minx paper, http://www.apache-ssl.org/minx.pdf. > Or do you want that the authentication test fails if the message has > been tampered with? No. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]