[E-Lang] Combining strong authentication and secrecy protocols.

Norman Hardy norm@cap-lore.com
Mon, 19 Feb 2001 15:37:45 -0800


I am pleased to have run across an idea from Xerox called CBCC. I 
don't have the precise details of their code but the idea is 
extraordinarily simple. If you include a simple checksum in the 
plaintext and code and decode using CBC check the sum then you have 
strong authentication. See <http://cap-lore/Crypto/StackLev.html> for 
more details. In the context of E this could be used to encrypt and 
authenticate, the authentication being that the incoming messages 
were built by someone who knew the shared secret key.

Until this weekend I thought a slightly simpler scheme would work. I was wrong.
-- 
Norman Hardy  <http://cap-lore.com/>