Re: Signatures and encryption headers
- From: Fabrice <fabrice.gautier@xxxxxxxxx>
- Date: Fri, 7 Nov 2008 10:44:53 -0800 (PST)
On Nov 7, 1:56 am, Kristian Gjøsteen <kristiag+n...@xxxxxxxxxxxx>
wrote:
Fabrice <fabrice.gaut...@xxxxxxxxx> wrote:
Are you talking about modes such as CCM and EAX
Yes.
With EAX or CCM, you still need some way to communicate the session
key used, the underlying block cipher and maybe the other parameters
that the CCM specs calls "Prerequisites", (if there are not fixed by
the system)
My question is basically, does those prerequisites needs to be
authenticated and/or confidential ? The session key obviously need to
be confidential, so I can encrypt it with a Public Key algorithm for
the recipient. But does the chosen block cipher, and the encrypted
session key needs to be authenticated ? And what kind of attack would
you be vulnerable to if they are not ?
-- Fabrice
.
- Follow-Ups:
- Re: Signatures and encryption headers
- From: David Wagner
- Re: Signatures and encryption headers
- References:
- Signatures and encryption headers
- From: Fabrice
- Re: Signatures and encryption headers
- From: Fabrice
- Re: Signatures and encryption headers
- From: Kristian Gjøsteen
- Re: Signatures and encryption headers
- From: Fabrice
- Re: Signatures and encryption headers
- From: Kristian Gjøsteen
- Signatures and encryption headers
- Prev by Date: Re: Signatures and encryption headers
- Next by Date: Re: Signatures and encryption headers
- Previous by thread: Re: Signatures and encryption headers
- Next by thread: Re: Signatures and encryption headers
- Index(es):
Relevant Pages
|
