Using a MAC in addition to symmetric encryption
Greg Rose
ggr at qualcomm.com
Sun Jun 29 15:07:40 EDT 2008
Erik Ostermueller wrote:
> If I exchange messages with a system and the messages are encrypted with a symmetric key, what further benefit would we get by using a MAC (Message Authentication Code) along with the message encryption?
> Being new to all this, using the encrytpion and MAC together seem redundant.
One of my favourite papers, by Steve Bellovin, is at
http://www.usenix.org/publications/library/proceedings/sec96/bellovin.html
It shows a number of ways in which IPsec with encryption but no
integrity can fail.
Abstract:
The Internet Engineering Task Force (IETF) is in the process of adopting
standards for IP-layer encryption and authentication (IPSEC). We
describe a number of attacks against various versions of these
protocols, including confidentiality failures and authentication
failures. The implications of these attacks are troubling for the
utility of this entire effort.
Greg.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list