1996-01-25 - Re: Why is blowfish so slow? Other fast algorithms?

Header Data

From: “Perry E. Metzger” <perry@piermont.com>
To: “James A. Donald” <jamesd@echeque.com>
Message Hash: febcde0d3494b482b432764d06a7014ad0f55768d9c06942703d8ce2c3227800
Message ID: <199601250638.BAA14178@jekyll.piermont.com>
Reply To: <199601250629.WAA16623@mailx.best.com>
UTC Datetime: 1996-01-25 08:22:16 UTC
Raw Date: Thu, 25 Jan 1996 16:22:16 +0800

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 25 Jan 1996 16:22:16 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Why is blowfish so slow? Other fast algorithms?
In-Reply-To: <199601250629.WAA16623@mailx.best.com>
Message-ID: <199601250638.BAA14178@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" writes:
> At 07:32 PM 1/23/96 -0500, David A Wagner wrote:
> 
> >If you want authentication, you must use a crypto-strength MAC.
> >Encryption (be it RC4, DES, etc.) is not enough.
> 
> Not so:  If the message is encrypted and checksummed with a simple
> not non cryptographic checksum, this gives you everything a MAC 
> gives you, plus the message is secret.

Not so. There are unfortunate tricks that can be played here because
some encryptions preserve properties of the underlying text (like
parity) and some checksums can be manipulated because of the same.

I've asked the crypto types for information on simplified faster MACs
for use in authentication protocols for IPSEC and I have yet to get a
straight answer, so for the moment I'm erring on the side of caution, too.

Perry
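The property described in the reply above, shown as an added example that is not part of the original message: a CRC-32 under an XOR stream cipher still verifies after a keyless bit-flip, while an HMAC over the ciphertext rejects the same change. The SHA-256 counter keystream stands in for RC4, and the keys, message and function names are constructed for illustration.

```python
import hashlib, hmac, struct, zlib

def keystream(key: bytes, n: int) -> bytes:
    # Stand-in XOR stream cipher (assumption); a real design also needs a per-message nonce.
    blocks = (hashlib.sha256(key + struct.pack(">Q", i)).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal_crc(key, msg):
    # Weak construction: encrypt(message || CRC-32(message))
    body = msg + struct.pack(">I", zlib.crc32(msg))
    return xor(body, keystream(key, len(body)))

def open_crc(key, ct):
    body = xor(ct, keystream(key, len(ct)))
    msg, tag = body[:-4], body[-4:]
    return msg if struct.pack(">I", zlib.crc32(msg)) == tag else None

def tamper(ct, delta):
    # Uses no key. CRC-32 is affine over XOR for equal-length inputs:
    # crc(m ^ d) = crc(m) ^ crc(d) ^ crc(00..0), so the checksum field can be fixed up blind.
    n = len(ct) - 4
    if len(delta) != n:
        raise ValueError("delta must cover the message exactly")
    crc_delta = zlib.crc32(delta) ^ zlib.crc32(bytes(n))
    return xor(ct, delta + struct.pack(">I", crc_delta))

def seal_mac(enc_key, mac_key, msg):
    # Hardened form: encrypt, then HMAC-SHA256 over the ciphertext with a separate key
    ct = xor(msg, keystream(enc_key, len(msg)))
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_mac(enc_key, mac_key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
        return None
    return xor(ct, keystream(enc_key, len(ct)))

def demo():
    key, mac_key = b"constructed-enc-key", b"constructed-mac-key"  # constructed sample keys
    msg = b"PAY 0100 TO ALICE"                                     # constructed sample message
    delta = xor(msg, b"PAY 9100 TO ALICE")
    accepted = open_crc(key, tamper(seal_crc(key, msg), delta))    # checksum still passes
    blob = seal_mac(key, mac_key, msg)
    rejected = open_mac(key, mac_key, xor(blob[:-32], delta) + blob[-32:])
    return accepted, rejected
```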




