Subject: Re: ssh - are you nuts?!?
To: Simon J. Gerraty <>
From: Bill Sommerfeld <>
List: tech-security
Date: 12/18/2000 12:37:50
> Authentication is pointless without a means of ensuring the integrity of
> the channel


> and encryption gives you that as a side effect.


I am not aware of any generally accepted encryption algorithm or mode
of operation which provides data integrity as a side-effect; modes of
operation which combine integrity and authenticity are still very much
an area of research.

While many block ciphers in CBC mode will garble a block or two if
tampered with, the cryptosystem will resynch after the garble.  PCBC
is alleged to corrupt the rest of the block, but there are some cases
where it will resynch after the garble..

Many stream-cipher modes are even more forgiving of tampering and
allow an attacker to toggle arbitrary plaintext bits through the

						- Bill