eap Mailing List: Re: question on bellare-rogaway

[T. Charles Clancy (clancy]

In my experience, omissions such as this do not lead to any real attacks. 
They only affect one's ability to formally prove the correctness of a 
protocol.  Just because something's harder to prove doesn't make it any 
less secure in terms of practical attacks.

[ t. charles clancy ]--[ tcc [at] umd.edu ]--[ www.cs.umd.edu/~clancy ]
[ computer science ]-----[ university of maryland | college park ]

On Fri, 30 Sep 2005, Vanderveen, Michaela wrote:

> Hello,
>
> With the occasion of the EAP-PSK review at the last IETF, a question arose 
> whether the
> mutual authentication in this method is considered flawed for not following 
> exactly the
> classic (formally proven) Bellare-Rogaway protocol, in that one element is
> not communicated explicitly over the wire, but only used in the calculation of 
> the MAC.
>
> Not having attended that particular meeting, I am wondering if an opinion has 
> formed as
> to whether this practice is acceptable in the cryptographic community.
> Better yet, does anyone know if there are any formal proofs of
> modifications of the Bellare-Rogaway protocol that use the nonces in 
> computations of
> MACs but do not send them explicitly.
>
> This question would be important for authentication protocols designed to run
> over bandwidth-limited links.
> Thanks,
>
> Michaela
>
>
>
>
>
> Michaela Vanderveen, Ph.D.
> Advanced Networking
> Flarion Technologies, Inc.
> email: mcv [at] flarion.com
>
>
> ===========================================================
> This email may contain confidential and privileged material for the sole use
> of the intended recipient.  Any review or distribution by others is strictly
> prohibited.  If you are not the intended recipient please contact the sender
> and delete all copies.
> ===========================================================
>
> _______________________________________________
> eap mailing list
> eap [at] frascone.com
> http://mail.frascone.com/mailman/listinfo/eap