[42868] in cryptography@c2.net mail archive
Re: IGE mode is broken (Re: IGE mode in OpenSSL)
daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Sep 13 15:29:44 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 13 Sep 2006 16:32:47 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: "Kuehn, Ulrich" <Ulrich.Kuehn@telekom.de>
Cc: cryptography@metzdowd.com
In-Reply-To: <490A625B3DFD8A45B4A7F1ABA8DEA8B401C30A3E@S4DE9JSAAMU.ost.t-com.de>
Kuehn, Ulrich wrote:
>
>
>> From: Ben Laurie [mailto:ben@algroup.co.uk]
>>> Do I understand correctly? You do want that nobody is able to
>>> authenticate a message, however, it shall not be intelligible if
>>> manipulated with?
>> Correct. Minx (which is the only place I use IGE) avoids
>> traffic marking attacks in two ways:
>>
>> a) all messages are "correct"
>>
>> b) any attempt to mark a message results in its complete corruption
>>
>> See the Minx paper, http://www.apache-ssl.org/minx.pdf.
>>
> Looks interesting! Have you looked at Ron Rivest's Chaffing and Winnowing?
Yes. Not sure why its relevant?
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com