[8276] in cryptography@c2.net mail archive
Re: IBM press release - encryption and authentication
daemon@ATHENA.MIT.EDU (Enzo Michelangeli)
Wed Dec 13 22:57:17 2000
Message-ID: <010801c064d0$b64193a0$6000a8c0@em>
From: "Enzo Michelangeli" <em@who.net>
To: "Steven M. Bellovin" <smb@research.att.com>,
"P.J. Ponder" <ponder@freenet.tlh.fl.us>
Cc: <cryptography@c2.net>
Date: Wed, 13 Dec 2000 14:47:59 +0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Apart from the parallelization-friendliness, wouldn't the same result be
achieved by encrypting the concatenation of the plaintext with a MAC
implemented through a fast error detection code (say, a sufficiently long
CRC)? Due to the presence of encryption, the security properties of the
inner MAC don't appear to really matter (as they would in the "DES-CBC
first, then HMAC-MD5" scenario mentioned in the draft for comparison).
Enzo
----- Original Message -----
From: "Steven M. Bellovin" <smb@research.att.com>
To: "P.J. Ponder" <ponder@freenet.tlh.fl.us>
Cc: <cryptography@c2.net>
Sent: Saturday, December 09, 2000 8:50 AM
Subject: Re: IBM press release - encryption and authentication
> In message
<Pine.OSF.4.21.0012071536170.17492-100000@fn3.freenet.tlh.fl.us>, "P
> .J. Ponder" writes:
> >from: http://www.ibm.com/news/2000/11/30.phtml
> >
> >IBM develops algorithm that encrypts and authenticates simultaneously
> >
>
> More precisely, this is a new mode of operation that does encryption
> and authentication in one pass. It's also amenable to parallelization,
> thus making it suitable for very high speed networks. (Traditional
> modes of operation, such as CBC, are problematic, since every block
> depends on the encryption of the previous block.)
>
> --Steve Bellovin
>
>
>
