Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:20 ADT
Mordechai Ovits (movits@syndata.com)
Fri, 27 Mar 1998 10:35:50 -0500
Bill Stewart wrote:
>
> At 01:03 PM 3/25/98 -0500, Mordechai Ovits wrote:
> >Why not just use plain old sequence numbers, and discard those with bad
> >MACs? The advantage of doing it this way is that you can alter the
> >ratio of chaff to wheat below 1:1. This could help alleviate the size
> >issue. It would look like this -
> >(1,0,335683) // good bit
> >(2,1,484653) // bad mac, discard
> >(3,1,373636) // good bit
> >(4,0,345732) // good bit
> >(5,0,237345) // bad mac discard
>
> You could do that, but then the sequence numbers no longer tell you
> if you've gotten all the bits, missed some, or gotten extras,
> which is the point of having sequence numbers at all.
> Also, some of the real security of Rivest's method is that
> for each message bit, you have both a 0 and a 1 as possibilities,
> and there's no way to tell which is real.
>
> Thanks!
> Bill
> Bill Stewart, bill.stewart@pobox.com
> PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Actually, the sequence numbers do something a lot more important than
just tell you if you missed a packet. The sequence number assures you
that the MAC for all the zeros will be different! If you didn't include
the sequence number with the bit, all the zeros would hash to the same
value! Naturally, the same thing applies to the ones.
Besides for that, I suggested that the sequence numbers be removed
*only* if you have a _reliable_ connection like TCP, as opposed to UDP.
If the connection will guarantee that your message arrives, and can be
reconstructed in the correct order, there is no need to *send* the
sequence number, but you still must use it to calculate the MAC.
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:20 ADT