Greg Rose
Sun, 29 Jun 2008 12:25:55 -0700
Erik Ostermueller wrote:
If I exchange messages with a system and the messages are encrypted with a symmetric key, what further benefit would we get by using a MAC (Message Authentication Code) along with the message encryption? Being new to all this, using the encrytpion and MAC together seem redundant.
One of my favourite papers, by Steve Bellovin, is at http://www.usenix.org/publications/library/proceedings/sec96/bellovin.html
It shows a number of ways in which IPsec with encryption but no integrity can fail.
Abstract:The Internet Engineering Task Force (IETF) is in the process of adopting standards for IP-layer encryption and authentication (IPSEC). We describe a number of attacks against various versions of these protocols, including confidentiality failures and authentication failures. The implications of these attacks are troubling for the utility of this entire effort.
Greg. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]