Re: What does the MAC in IES or ECIES achieve ?

Mark Wooding wrote:
fabrice.gautier@xxxxxxxxx <fabrice.gautier@xxxxxxxxx> wrote:

Okay, so obviously, with the MAC in IES, I can detect if the ciphertext
has been tampered with.

But since IES doesnt provide authentication anyway (the sender doesnt
even need a Public Key), what good does that do?

You should maybe read Victor Shoup's exposition `Why chosen ciphertext
security matters',

This paper is excellent. Especially for non experts, I think.