Re: Authenticated cipher modes

To: dfawcus%cisco.com@localhost, henrick%streamsec.se@localhost
Subject: Re: Authenticated cipher modes
From: pgut001%cs.auckland.ac.nz@localhost (Peter Gutmann)
Date: Mon, 18 Apr 2005 22:41:41 +1200

Derek Fawcus <dfawcus%cisco.com@localhost> writes:

>I've not read Helix.  However in general I'd assumed that use of a encryption
>including integrity algorithm could always simply be used with SSH by
>choosing a SSH MAC of "none".  Certainly that's what I thought when I was
>considering hacking in use of OCB.

That doesn't seem right, it implies there's no MAC at all, and could lead to
problems with e.g. an encryption algorithm of 3DES and a MAC of none.  I think
it'd be more intuitive (and safer) to require that both the crypto and MAC
algorithm to have the same value, since crypto = MAC and MAC = crypto.

Peter.

Follow-Ups:
- Re: Authenticated cipher modes
  - From: Derek Fawcus

References:
- Re: Authenticated cipher modes
  - From: Derek Fawcus

Prev by Date: Re: Authenticated cipher modes
Next by Date: Re: Authenticated cipher modes
Previous by Thread: Re: Authenticated cipher modes
Next by Thread: Re: Authenticated cipher modes
Indexes:

Home | Main Index | Thread Index | Old Index