Re: [Cfrg] draft-housley-ccm-mode-00.txt



At 03:59 PM 8/15/2002 -0400, Housley, Russ wrote:
>I understand the conventional wisdom that you are offering.  However, 
>authenticated encryption (using a single key) has been an area of recent 
>research.  IAPM, OCB, and CCM are approaches.

Yes, and look at how much trouble those (XECB, IAPM, OCB) methods go to, to 
derive unknowable inputs to combine with the data for the authentication 
process. CCM, on the other hand, provides lots of potentially known 
plaintext/ciphertext blocks from the counter mode for an attacker to play 
MAC games with.

I remain uncomfortable. But I can't spend time at the moment, so I withdraw 
my beginning objection.

regards,
Greg.



Greg Rose                                       INTERNET: ggr@qualcomm.com
Qualcomm Australia          VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,                http://people.qualcomm.com/ggr/
Gladesville NSW 2111    232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C


_______________________________________________
Cfrg mailing list
Cfrg@ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg