<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: Re: Simple steps to improve CIPE security
From: jon+cipe,AT,silicide,DOT,dk
Date: Wed, 1 Oct 2003 10:02:49 +0200
In-reply-to: <200310010945.49258.alatham@flexsys-group.com>
References: <000401c387eb$9234bd20$d620a8c0@pcw_hans.hnsasd.priv> <200310010945.49258.alatham@flexsys-group.com>
Reply-to: cipe-l,AT,inka,DOT,de

On Wed, Oct 01, 2003 at 09:45:49AM +0200, Allan Latham wrote:
> Hi all
> 
> 1. I am considering alternatives to MD5.
> 
> 2. Almost all packets are encrypted with the dynamic key. Those that fail 
> CRC 
> are subject to an extra decryption with the static key. In normal 
> circumstances this is no great problem. The risk is that it increases the 
> effectiveness of a DOS attack. (Sending garbage to CIPE would make it 
> consume 
> twice as much CPU).
> 
> I did not make it clear. The intention is to use the static key only for KX 
> and the dynamic key only for data. This means that if an attacker breaks a 
> dynamic key he cannot then use this to decrypt the KX and get the next 
> dynamic key. Avoiding using the static key for data minimises its use and 

Is this a good idea?
Suppose that an attacker gets an encrypted KX, after that he gets the
dynamic key, now he has known plaintext, and isnt it then easier to
find the static key?

JonB


<< | Thread Index | >> ]    [ << | Date Index | >> ]