[114836] in cryptography@c2.net mail archive
Re: Gutmann Soundwave Therapy
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sat Feb 9 20:07:11 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: leichter_jerrold@emc.com, pgut001@cs.auckland.ac.nz
Cc: cryptography@metzdowd.com, ekr@networkresonance.com,
guus@sliepen.org, jamesd@echeque.com,
krstic@solarsail.hcs.harvard.edu
In-Reply-To: <Pine.SOL.4.61.0802071035180.9593@mental>
Date: Fri, 08 Feb 2008 20:59:46 +1300
"Leichter, Jerry" <leichter_jerrold@emc.com> writes:
>All of this ignores a significant issue: Are keying and encryption (and
>authentication) mechanisms really independent of each other? I'm not aware of
>much work in this direction.
Is there much work to be done here? If you view the keyex mechanism as a
producer of an authenticated blob of shared secrecy and the post-keyex
portions (data transfer or whatever you're doing) as a consumer of said blob,
with a PRF as impedance-matcher (as is done by SSL/TLS, SSH, IPsec, ..., with
varying degrees of aplomb, and in a more limited store-and-forward context
PGP, S/MIME, ...), is there much more to consider?
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
