Jon Earle <[EMAIL PROTECTED]> writes:
> At 07:36 AM 3/7/00 -0800, you wrote:
> >Karl Denninger <[EMAIL PROTECTED]> writes:
> > > Well, confidentiality implies integrity, in that a tampered data stream
> > > won't decode. Public key crypto with a known certification on the public
> > > key provides non-repudiation (assuming the private key has not been
> > > compromised)
>
> >This is absolutely not true.
> >
> >Consider a data stream enciphered with RC4. It's perfectly
> >easy to undetectably flip any plaintext bit by
> >flipping the corresponding ciphertext bit. If you know the
> >plaintext, you can modify it predictably.
>
> Perhaps... but isn't this impractical? The key phrase here is "If you know the
> plaintext...".
If you know the plaintext you can make PREDICTABLE changes. Without
the plaintext, you can make arbitrary undetected changes.
> How would one know if a random, encrypted stream is a
> recipe, a love letter, or a secret message to religious extremists? It all
> just looks like encrypted packets.
You can tell an incredible amount from traffic analysis.
For instance, connections on port 443 are almost always HTTP
over SSL. If you've been looking at the previous HTTP traffic
between this client and server pair, you can often get a pretty
good idea of what the first encrypted message is.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software for Java
http://www.rtfm.com/puretls/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
