[13687] in cryptography@c2.net mail archive
Re: authentication and ESP
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sun Jun 22 18:45:52 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: "John S. Denker" <jsd@monmouth.com>
Cc: martin f krafft <madduck@madduck.net>,
crypto list <cryptography@metzdowd.com>
From: "Perry E. Metzger" <perry@piermont.com>
Date: 22 Jun 2003 18:45:35 -0400
In-Reply-To: <3EF61C83.2010906@monmouth.com>
"John S. Denker" <jsd@monmouth.com> writes:
> On 06/19/2003 01:49 PM, martin f krafft wrote:
> > As far as I can tell, IPsec's ESP has the functionality of
> > authentication and integrity built in:
>
> It depends on what you mean by "built in".
> 1) The RFC provides for ESP+authentication but
> does not require ESP to use authentication.
I don't know what you mean. Yes, ESP doesn't per se forbid the
construction of a new algorithm/mode that doesn't do authentication,
but all of the ESP algorithms/modes currently in use do
authentication.
Perry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
