Re: [Cfrg] Request For Opinions

daw@mozart.cs.berkeley.edu (David Wagner) Sat, 10 May 2003 18:37 UTC

To: cfrg@ietf.org
From: daw@mozart.cs.berkeley.edu
Subject: Re: [Cfrg] Request For Opinions
Date: Sat, 10 May 2003 18:08:29 +0000
Organization: University of California, Berkeley
Message-ID: <b9jf6t$gmn$2@abraham.cs.berkeley.edu>
References: <F6242D340921D5118D1E00508BB9837A0188BF94@tlnmail1.toplayer.com> <4.3.2.7.1.20030509172533.092f1650@mail.attbi.com> <4.3.2.7.1.20030510022803.023ecee0@mail.attbi.com>

Alex Alten wrote:
>At 01:04 AM 5/10/2003 +0000, David Wagner wrote:
>>Maybe I misunderstood your suggestion, but this strikes me as bad
>>advice.  Encryption without authentication (e.g., a MAC or a signed
>>hash) often leads to security holes.  Using per-packet keys is no
>>substitute for authentication.
>
>Yes, this is unusual and doesn't fit his requirements.  One design I
>worked on was retrofitting an old protocol and I had to give up using a
>hash (not enough room in the legacy header and I couldn't change
>packet sizes or tunnel). In this case I was more concerned with raw
>privacy than anything else.

That still sounds like a bad idea.  For anyone else who might be reading
this, let me inoculate you against a popular misconception: contrary to
what intuition might suggest, encryption without authentication doesn't
necessarily provide privacy.  It sounds counter-intuitive, but it's true.
Trust me.  We've been through this with IPSec, with SSH, and with WEP,
and it just keeps becoming more and more clear.  Even if all you want is
confidentiality, you still want to use *both* encryption and a MAC.
_______________________________________________
Cfrg mailing list
Cfrg@ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg
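As an added illustration of the point made in the message above (example code written for this page, not anything from Wagner's post or from the IPsec, SSH or WEP implementations it mentions): a stream cipher without a MAC is malleable, so an attacker who can guess one field of the plaintext, such as the destination address in an encrypted packet header, can rewrite that field without knowing the key. The decrypting endpoint then forwards the plaintext payload to an address of the attacker's choosing, and the confidentiality the encryption was supposed to buy is gone. The cipher here is a constructed HMAC-SHA256-in-counter-mode keystream standing in for AES-CTR or any other XOR-based cipher; the keys, nonce, addresses and payload are fixed, constructed sample data. The second half runs the same tampering against an encrypt-then-MAC packet, which the receiver rejects.

```python
"""Added example (not from the original e-mail): encryption without a MAC
fails to protect even confidentiality when the ciphertext is malleable.

The keystream below is a constructed PRF-in-counter-mode stream cipher
(block i = HMAC-SHA256(key, nonce || i)); it stands in for AES-CTR or any
XOR-based cipher, which all share the bit-flipping property shown here.
"""
import hmac
import hashlib
import struct

TAG_LEN = 32  # HMAC-SHA256 output length
DST_LEN = 4   # packet layout (constructed): 4-byte IPv4 destination, then payload


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed keystream generator: concatenate HMAC(key, nonce || counter)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def xor_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR the data with the keystream; decryption is the same operation."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))


def redirect(ciphertext: bytes, guessed_dst: bytes, new_dst: bytes) -> bytes:
    """Attacker step, no key needed: XOR (guessed_dst ^ new_dst) into the first
    DST_LEN ciphertext bytes.  Since c = p ^ ks, (c ^ p ^ p') decrypts to p'."""
    delta = bytes(a ^ b for a, b in zip(guessed_dst, new_dst))
    patched = bytes(c ^ d for c, d in zip(ciphertext[:DST_LEN], delta))
    return patched + ciphertext[DST_LEN:]


def gateway_no_mac(key: bytes, nonce: bytes, ciphertext: bytes):
    """Encryption-only receiver: decrypts and forwards the payload to whatever
    destination the decrypted header names.  Returns (dst, payload)."""
    pkt = xor_encrypt(key, nonce, ciphertext)
    return pkt[:DST_LEN], pkt[DST_LEN:]


def seal(key_enc: bytes, key_mac: bytes, nonce: bytes, packet: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the whole ciphertext."""
    ct = xor_encrypt(key_enc, nonce, packet)
    tag = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    return ct + tag


def gateway_with_mac(key_enc: bytes, key_mac: bytes, nonce: bytes, sealed: bytes):
    """Authenticated receiver: verify the tag before decrypting; None = dropped."""
    ct, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    pkt = xor_encrypt(key_enc, nonce, ct)
    return pkt[:DST_LEN], pkt[DST_LEN:]


# Constructed sample data: fixed keys and nonce so the demo is reproducible.
KEY_ENC = bytes(range(32))
KEY_MAC = bytes(range(32, 64))
NONCE = b"\x00" * 12
DST_SERVER = bytes([10, 0, 0, 5])      # the attacker guesses this (e.g. the VPN peer)
DST_ATTACKER = bytes([192, 0, 2, 99])  # RFC 5737 documentation address
PAYLOAD = b"account=4711 balance=1000"


def demo() -> dict:
    packet = DST_SERVER + PAYLOAD

    # 1. Encryption only: the attacker rewrites the destination in the
    #    ciphertext and the gateway forwards the plaintext payload to them.
    ct = xor_encrypt(KEY_ENC, NONCE, packet)
    dst, payload = gateway_no_mac(KEY_ENC, NONCE, redirect(ct, DST_SERVER, DST_ATTACKER))

    # 2. Encrypt-then-MAC: the same tampering fails verification, while the
    #    untouched packet still decrypts normally.
    sealed = seal(KEY_ENC, KEY_MAC, NONCE, packet)
    tampered = gateway_with_mac(KEY_ENC, KEY_MAC, NONCE,
                                redirect(sealed, DST_SERVER, DST_ATTACKER))
    honest = gateway_with_mac(KEY_ENC, KEY_MAC, NONCE, sealed)

    return {
        "leaked_to": dst,
        "leaked_payload": payload,
        "tampered_with_mac": tampered,
        "honest_with_mac": honest,
    }


if __name__ == "__main__":
    r = demo()
    print("no MAC:   forwarded", r["leaked_payload"], "to", ".".join(map(str, r["leaked_to"])))
    print("with MAC: tampered ->", r["tampered_with_mac"], "; honest ->", r["honest_with_mac"])
```

The attacker never learns the key and never decrypts anything directly; the decrypting gateway does the work for them because nothing told it the ciphertext had been altered. Any cipher whose ciphertext bits map predictably onto plaintext bits (CTR, OFB, CFB and CBC to varying degrees) has this problem, which is why a MAC (or an AEAD mode) is part of the confidentiality story, not just the integrity story.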