[nd@hplb.hpl.hp.com: Re: chaffing and winnowing - some questions]


Ron Rivest (rivest@theory.lcs.mit.edu)
Fri, 27 Mar 1998 18:50:08 -0500


No, you can't just use an unkeyed message digest scheme in most applications,
since the point of using a MAC is to prevent an adversary from modifying
or generating forged packets. Without a keyed system, it is easy for anyone
(including the adversary) to forge good packets. (Unkeyed systems are only
good to detect natural sources of error, not to prevent malicious error.)

        Cheers,
        Ron Rivest

------- Start of forwarded message -------
Return-Path: <CodherPlunks-errors@toad.com>
Date: Fri, 27 Mar 1998 08:41:32 +0000
From: Neil Dunbar <nd@hplb.hpl.hp.com>
Reply-To: nd@hplb.hpl.hp.com
Organization: Hewlett Packard Laboratories
Mime-Version: 1.0
To: CodherPlunks@toad.com
Subject: Re: chaffing and winnowing - some questions
References: <199803251924.OAA21940@mint-square.MIT.EDU> <351960B6.F296A789@syndata.com> <351AB605.DFBF06A6@infowest.com>
Content-Transfer-Encoding: 7bit
Sender: owner-CodherPlunks@toad.com
Precedence: bulk

Aaron D. Gifford wrote:

> What are the implications of leaving out the data (wheat AND chaff) and
> just sending the MAC? It seems that this defeats (to some degree) the
> argument that the data is IN THE CLEAR.

Leaving out common sense, which seems to be a speciality
of government crypto policies - The argument over chaffing grows
increasingly sophistic. After all, what is happening essentially is that
two parties are communicating with a stream of data which can
only be rendered intelligible by possession of a secret key (the MAC
key). This, by any spook's definition, is encryption.

The fact that the plaintext bits are sent alongside the MACs is, as
some have pointed out, irrelevant. They are completely superfluous
to the message stream, which can be recovered without them.
[It reminds me of an old sketch in which the main character, in order
to defend his bigoted, anti-Catholic views, defends his view of the
Pope being the Anti-Christ by saying "it's all there in the Gospel of
St. Matthew - you just have to jumble the words around a bit"].

The defence - "it wasn't me, guv'nor - someone else added the
other rubbish in the stream" will never wash. The government would
simply hold that you encoded your message stream in a way which
required deliberate action, and which was designed to hamper
intelligence (err... sorry, law enforcement) efforts. If you simply
wanted to be sure that your message stream wasn't being tampered
with, you could have used an unkeyed message digest system -
after all, what have you got to hide?

Neil
- --
- ------------------------------
Name: Neil Dunbar Email: nd@hplb.hpl.hp.com
Address: HP Laboratories, Filton Road, Stoke Gifford, Bristol BS12 6QZ
Tel: +44 (0) 117 922 9471 Fax: +44 (0) 117 922 9742
 "If I could choose the life I lead, then I would be a spaceman..."
- --All statements are the author's own, and not the opinion of HP--
------- End of forwarded message -------
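
Added example, not part of the original messages: a minimal chaffing-and-winnowing receiver in Python contrasting a keyed MAC with an unkeyed digest, the distinction drawn in Rivest's reply above. The key, the (serial, bit, tag) packet layout and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-shared-secret"  # constructed sample key, held only by sender and receiver


def keyed_tag(key, serial, bit):
    """HMAC-SHA256 over (serial, bit): computing it requires the secret key."""
    return hmac.new(key, f"{serial}:{bit}".encode(), hashlib.sha256).digest()


def unkeyed_tag(_key, serial, bit):
    """Plain SHA-256 over (serial, bit): the key is ignored, so anyone can compute it."""
    return hashlib.sha256(f"{serial}:{bit}".encode()).digest()


def send(bits, key, tag_fn):
    """Per serial number, emit one wheat packet (valid tag) and one chaff packet (random tag)."""
    packets = []
    for serial, bit in enumerate(bits):
        packets.append((serial, bit, tag_fn(key, serial, bit)))  # wheat
        packets.append((serial, 1 - bit, os.urandom(32)))         # chaff
    return packets


def winnow(packets, key, tag_fn):
    """Receiver: keep only packets whose tag verifies; map serial -> accepted bits."""
    accepted = {}
    for serial, bit, tag in packets:
        if hmac.compare_digest(tag, tag_fn(key, serial, bit)):
            accepted.setdefault(serial, []).append(bit)
    return accepted


def forge(chosen_bits, tag_fn):
    """Party without KEY builds packets for bits of its own choosing (empty key as a guess)."""
    return [(s, b, tag_fn(b"", s, b)) for s, b in enumerate(chosen_bits)]


def demo(tag_fn):
    """Sender transmits 1,0,1,1; forged packets for 0,1,0,0 are appended to the stream."""
    stream = send([1, 0, 1, 1], KEY, tag_fn) + forge([0, 1, 0, 0], tag_fn)
    return winnow(stream, KEY, tag_fn)


if __name__ == "__main__":
    print("keyed MAC     :", demo(keyed_tag))
    print("unkeyed digest:", demo(unkeyed_tag))
```

With the keyed tag the forged packets are winnowed out along with the chaff; with the unkeyed digest every forged packet verifies, so the receiver cannot tell the sender's bit from the injected one.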



The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:22 ADT