[Cryptography Team] Re: KryptOn MakoEnvelope
signedAndSealedFrom:to:object:
Chris Muller
chris at funkyobjects.org
Tue Jan 10 01:37:20 CET 2006
Hi Tony, it may very well be the other way around. I
am honestly no encryption expert, just a skilled
implementor. I will try to find the web reference
that recommended that.
As for ECB, I'm sorry I have no idea what that means.
This is exactly the kind of critique I need your guys'
help with. I am hoping that the usage and management
are mostly ok, but there may be some tightening needed
in the cryptography layer.
This is a very worthy discussioon for the cryptography
list, I hope you don't mind that I have copied that
list here.
Cheers,
Chris
--- Tony Garnock-Jones <tonyg at lshift.net> wrote:
> Hi Chris,
>
> In the comment to method MakoEnvelope
> class>>signedAndSealedFrom:to:object:, you write
> "Security experts
> recommend putting the signed inside the sealed".
>
> Isn't it the other way around? According to
> http://www-cse.ucsd.edu/users/mihir/papers/oem.html
> the least insecure
> method is to encrypt, then MAC.
>
> Also: On digging into the implementation of
> enciphering, it looks like
> the default cipher, Rijndael, is being used in ECB
> mode. Have I analysed
> that correctly? (If so, there are other modes that
> might be better: AEAD
> modes such as EAX or GGM; at a minimum, CTR, but an
> AEAD mode would be
> better, of course)
>
> Regards,
> Tony
> --
> [][][] Tony Garnock-Jones | Mob: +44 (0)7905
> 974 211
> [][] LShift Ltd | Tel: +44 (0)20 7729
> 7060
> [] [] http://www.lshift.net/ | Email:
> tonyg at lshift.net
>
>
More information about the Cryptography
mailing list