[9844] in cryptography@c2.net mail archive
Re: What's the state of the art in one-pass integrity/encryption?
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Nov 25 13:05:19 2001
From: "Steven M. Bellovin" <smb@research.att.com>
To: Greg Rose <ggr@qualcomm.com>
Cc: Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>,
cryptography@wasabisystems.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sun, 25 Nov 2001 11:57:48 -0500
Message-Id: <20011125165749.3A6CA7B55@berkshire.research.att.com>
In message <4.3.1.2.20011125111612.024279c0@127.0.0.1>, Greg Rose writes:
>All of the early schemes were broken, as was the NSA's submission to the
>AES Modes of Operation workshop. However, three schemes, all similar in
>principle, have not only survived, but have proofs of correctness. The
>first was Charanjit Jutla's IAPM mode, another is Rogaway's OCB, and the
>third is from Gligor and Pompescu but I can't remember its name (I'm
>passing through SFO as I write this, so forgive me for not having
>references to hand).
>
>Phil Hawkes and I have extended IAPM (and I believe the method is
>applicable to the other modes too) so that you can authenticate parts of
>the message that are not encrypted, like IP headers for example. We sent
>public comments to NIST about this, or I can post more detail if you need.
>
Rogaway's OCB is patent-pending -- see
http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-back.htm#patent:phil
Gligor and Donescu's NIST submission said that they had filed patent
applications, too: http://csrc.nist.gov/encryption/modes/workshop1/presentations/slides-gligor.pdf
And http://csrc.nist.gov/encryption/modes/workshop1/workshop-report.pdf
indicates that IBM has filed for patent applications on IAPM.
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com