[E-Lang] Combining strong authentication and secrecy protocols.

Ben Laurie ben@algroup.co.uk
Tue, 20 Feb 2001 10:24:01 +0000


Norman Hardy wrote:
> 
> I am pleased to have run across an idea from Xerox called CBCC. I
> don't have the precise details of their code but the idea is
> extraordinarily simple. If you include a simple checksum in the
> plaintext and code and decode using CBC check the sum then you have
> strong authentication. See <http://cap-lore/Crypto/StackLev.html> for
> more details. In the context of E this could be used to encrypt and
> authenticate, the authentication being that the incoming messages
> were built by someone who knew the shared secret key.
> 
> Until this weekend I thought a slightly simpler scheme would work. I was wrong.

The scheme is described in AC2, p. 207. The original reference is "Xerox
Networking System Authentication Protocol", XSIS 098494, Xerox Corp.,
Apr 1984.

The actual algorithm is to XOR all the plaintext blocks together, and
use that in place of the last plaintext block. The last block should
include a checksum. Hence, any change to the plaintext anywhere will
corrupt the last block and invalidate the checksum.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff