[E-Lang] Combining strong authentication and secrecy protocols.
Mon, 19 Feb 2001 15:37:45 -0800
I am pleased to have run across an idea from Xerox called CBCC. I
don't have the precise details of their code but the idea is
extraordinarily simple. If you include a simple checksum in the
plaintext and code and decode using CBC check the sum then you have
strong authentication. See <http://cap-lore/Crypto/StackLev.html> for
more details. In the context of E this could be used to encrypt and
authenticate, the authentication being that the incoming messages
were built by someone who knew the shared secret key.
Until this weekend I thought a slightly simpler scheme would work. I was wrong.
Norman Hardy <http://cap-lore.com/>