IGE mode is broken (Re: IGE mode in OpenSSL)
Kuehn, Ulrich
Ulrich.Kuehn at telekom.de
Wed Sep 13 08:22:58 EDT 2006
> From: Ben Laurie [mailto:ben at algroup.co.uk]
> > Do I understand correctly? You do want that nobody is able to
> > authenticate a message, however, it shall not be intelligible if
> > manipulated with?
>
> Correct. Minx (which is the only place I use IGE) avoids
> traffic marking attacks in two ways:
>
> a) all messages are "correct"
>
> b) any attempt to mark a message results in its complete corruption
>
> See the Minx paper, http://www.apache-ssl.org/minx.pdf.
>
Looks interesting! Have you looked at Ron Rivest's Chaffing and Winnowing?
Cheers,
Ulrich
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list