Re: DES MAC Alternative

Steve,

I also don't see much of a need for using DES MAC in PEM particularly
since it doesn't provide integrity protection or functionality that is
not already present without it.  If there were other reasons why the
continued use of DES MAC in PEM were important, then, after careful
review, one might consider novel uses of DES MAC such as the Double
DES MAC that we propose in our paper.

Some uses of DES MAC clearly fail the test that an originator
may be able to construct two messages which hash to the same value.
This is why designers using DES MAC may require random text in the
beginning of the hashed value.  Alternatively, the Double DES MAC
appears to alleviates this problem. Thus, perhaps a primary drawback 
in the use of DES MAC is that care must be taken when using it in
designs.  Provided the use of the DES MAC variant, Double DES MAC,
"adequately" limits the probability that the originator can produce
two messages with the same hash value, then one need not differentiate
the security services when using Double DES MAC and MDx in PEM.

Stuart

<Prev in Thread]	Current Thread	[Next in Thread>
DES MAC Alternative, Stuart Stubblebine Re: DES MAC Alternative, Steve Kent Re: DES MAC Alternative, Stuart Stubblebine Re: DES MAC Alternative, Steve Kent Re: DES MAC Alternative, shirey Re: DES MAC Alternative, Stephen D Crocker Re: DES MAC Alternative, Stuart Stubblebine Re: DES MAC Alternative, Stuart Stubblebine <=

Previous by Date:	[Internet-Drafts(_at_)CNRI(_dot_)Reston(_dot_)VA(_dot_)US: ID ACTION:draft-ietf-pem-algorithms-02.txt], David M. Balenson
Next by Date:	John Gilmore vs. NSA, shirey
Previous by Thread:	Re: DES MAC Alternative, Stuart Stubblebine
Next by Thread:	Recommendation of advancement of PEM specs, Stephen D Crocker
Indexes:	[Date] [Thread] [Top] [All Lists]