| question on bellare-rogaway | <– Date –> <– Thread –> |
From: Vanderveen, Michaela (MCV flarion.com)
|
|
| Date: Sat, 1 Oct 2005 14:39:29 -0400 (EDT) | |
Hello, With the occasion of the EAP-PSK review at the last IETF, a question arose whether the mutual authentication in this method is considered flawed for not following exactly the classic (formally proven) Bellare-Rogaway protocol, in that one element is not communicated explicitly over the wire, but only used in the calculation of the MAC. Not having attended that particular meeting, I am wondering if an opinion has formed as to whether this practice is acceptable in the cryptographic community. Better yet, does anyone know if there are any formal proofs of modifications of the Bellare-Rogaway protocol that use the nonces in computations of MACs but do not send them explicitly. This question would be important for authentication protocols designed to run over bandwidth-limited links. Thanks, Michaela Michaela Vanderveen, Ph.D. Advanced Networking Flarion Technologies, Inc. email: mcv [at] flarion.com =========================================================== This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. ===========================================================
-
question on bellare-rogaway Vanderveen, Michaela, October 1 2005
- Re: question on bellare-rogaway T. Charles Clancy, October 3 2005
Results generated by Tiger Technologies using MHonArc.