[42868] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: IGE mode is broken (Re: IGE mode in OpenSSL)

daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Sep 13 15:29:44 2006

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 13 Sep 2006 16:32:47 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: "Kuehn, Ulrich" <Ulrich.Kuehn@telekom.de>
Cc: cryptography@metzdowd.com
In-Reply-To: <490A625B3DFD8A45B4A7F1ABA8DEA8B401C30A3E@S4DE9JSAAMU.ost.t-com.de>

Kuehn, Ulrich wrote:
>  
> 
>> From: Ben Laurie [mailto:ben@algroup.co.uk] 
>>> Do I understand correctly? You do want that nobody is able to 
>>> authenticate a message, however, it shall not be intelligible if 
>>> manipulated with?
>> Correct. Minx (which is the only place I use IGE) avoids 
>> traffic marking attacks in two ways:
>>
>> a) all messages are "correct"
>>
>> b) any attempt to mark a message results in its complete corruption
>>
>> See the Minx paper, http://www.apache-ssl.org/minx.pdf.
>>
> Looks interesting! Have you looked at Ron Rivest's Chaffing and Winnowing? 

Yes. Not sure why its relevant?

-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post