On Tue, Aug 19, 2014 at 7:53 AM, Brandon Williams <[email protected]> wrote:
> This approach does not meet the security requirements that I'm interested
> in: MITM is authorized to reframe the data stream for transport optimization
> purposes, but is not authorized to decrypt or inject data. Splitting
> transport layer authentication at the TCP termination points could be done
> without violating the security policy, but splitting tcpcrypt could not, at
> least not as it's currently defined.
If the octet stream has nested framing (basically a length and an authentication tag) then the properties you want can be had and you can still have CB and the proxy needn't be trusted. It costs more overhead, but not because of CB but because what you want + integrity protection pretty much requires extra overhead (unless I'm missing something). If you want encryption without integrity protection, then I'm afraid that's a bad idea.

Nico

--
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
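The nested framing Nico describes, as an added example that is not part of the thread: each inner record carries its own length and authentication tag, so an untrusted middlebox can re-segment the octet stream however it likes, while any byte it changes or any record it reorders fails the receiver's check. The key, the header layout and the SHA-256 counter-mode keystream are assumptions for illustration, not tcpcrypt's actual format.

```python
import hashlib
import hmac
import struct

# Constructed demo key shared by the two endpoints only; the reframing proxy never sees it.
KEY = b"constructed-demo-key-not-for-real-use"
TAG_LEN = 16
HDR = struct.Struct("!HI")  # assumed inner header: 2-byte ciphertext length, 4-byte record seq

def _keystream(seq: int, n: int) -> bytes:
    """Illustrative SHA-256 counter-mode keystream bound to the record number."""
    blocks = [hashlib.sha256(KEY + struct.pack("!IQ", seq, i)).digest()
              for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def frame(seq: int, plaintext: bytes) -> bytes:
    """Sender: one inner record = header || ciphertext || MAC over header+ciphertext."""
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(seq, len(plaintext))))
    hdr = HDR.pack(len(ct), seq)
    tag = hmac.new(KEY, hdr + ct, hashlib.sha256).digest()[:TAG_LEN]
    return hdr + ct + tag

def resegment(stream: bytes, sizes: list) -> list:
    """Untrusted middlebox: cuts the octet stream into new TCP segments without the key."""
    segs, pos = [], 0
    for n in sizes:
        segs.append(stream[pos:pos + n])
        pos += n
    return segs + [stream[pos:]]

def unframe(stream: bytes) -> list:
    """Receiver: walks the reassembled stream record by record, checking seq and MAC."""
    out, pos, expected = [], 0, 0
    while pos < len(stream):
        hdr = stream[pos:pos + HDR.size]
        length, seq = HDR.unpack(hdr)
        ct = stream[pos + HDR.size:pos + HDR.size + length]
        tag = stream[pos + HDR.size + length:pos + HDR.size + length + TAG_LEN]
        want = hmac.new(KEY, hdr + ct, hashlib.sha256).digest()[:TAG_LEN]
        if seq != expected or len(tag) != TAG_LEN or not hmac.compare_digest(tag, want):
            raise ValueError(f"record {expected}: bad sequence or MAC, dropping connection")
        out.append(bytes(c ^ k for c, k in zip(ct, _keystream(seq, length))))
        pos += HDR.size + length + TAG_LEN
        expected += 1
    return out

if __name__ == "__main__":
    wire = frame(0, b"GET / HTTP/1.1\r\n") + frame(1, b"Host: example\r\n")
    print(unframe(b"".join(resegment(wire, [5, 40]))))  # proxy reframing is transparent
```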
