1995-01-27 - Re: CERT statement
Header Data
From: Thomas Grant Edwards <tedwards@src.umd.edu>
To: “Perry E. Metzger” <perry@imsi.com>
Message Hash: 84456458f91801d12ec01df73b544868cbbc8a335165fe4de52bcdb8e438cb78
Message ID: <Pine.SUN.3.91.950127140107.22225C-100000@thrash.src.umd.edu>
Reply To: <9501271852.AA19504@snark.imsi.com>
UTC Datetime: 1995-01-27 19:09:38 UTC
Raw Date: Fri, 27 Jan 95 11:09:38 PST
Raw message
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 27 Jan 95 11:09:38 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: CERT statement
In-Reply-To: <9501271852.AA19504@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950127140107.22225C-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain
On Fri, 27 Jan 1995, Perry E. Metzger wrote:
> If things are merely encrypted, an attacker can garble them without
> being caught -- I can "decrypt" random numbers into other random
> numbers if I want. Think of an attacker trying to sabotage the
> transfer of a binary file and you'll see why you need authentication.
You certainly need some kind of encrypted secure checksum (MAC) to ensure
message integrity. I don't think you have to go through the
entire authentication of the principal. (Though as V. Gligor keeps
showing, even if you have a MAC at the end of your data, there are still
some kinds of integrity attacks which are possible if you are not careful
about how MACs and encryption is used).
Now if you are talking about simple denial-of-service (detected tampering
or traffic flooding), that is another more difficult story.
-Thomas
Thread
Return to January 1995
- Return to ““Ian Farquhar” <ianf@sydney.sgi.com>”
- Return to “Marc Horowitz <marc@cam.ov.com>”
- Return to ““Perry E. Metzger” <perry@imsi.com>”
Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”
- 1995-01-26 (Thu, 26 Jan 95 13:39:44 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-27 (Thu, 26 Jan 95 16:07:07 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:09:05 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-27 (Thu, 26 Jan 95 16:23:19 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 10:50:35 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 10:53:30 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 11:09:38 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 11:32:12 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 11:09:38 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 10:53:30 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:09:05 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-30 (Sun, 29 Jan 95 16:03:30 PST) - Re: CERT statement - “Ian Farquhar” <ianf@sydney.sgi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:07:07 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>