Tony,
Thank you for pointing out the paper. It has led to some very interesting reading. I looked around lshift and even posted a comment on your blog. Are you working on cryptography at lshift? Have you considered joining the team? Or subscribing to our list?
Can you share with us your interest in KryptOn and Squeak?
Ron Teitelbaum
Squeak Cryptography Team Leader

-----Original Message-----
From: cryptography-bounces@lists.squeakfoundation.org [mailto:cryptography-bounces@lists.squeakfoundation.org] On Behalf Of Chris Muller
Sent: Monday, January 09, 2006 7:37 PM
To: Tony Garnock-Jones; chris@funkyobjects.org
Cc: cryptography@lists.squeakfoundation.org; Paul Crowley
Subject: [Cryptography Team] Re: KryptOn MakoEnvelopesignedAndSealedFrom:to:object:
Hi Tony, it may very well be the other way around. I am honestly no encryption expert, just a skilled implementor. I will try to find the web reference that recommended that.
As for ECB, I'm sorry I have no idea what that means. This is exactly the kind of critique I need your guys' help with. I am hoping that the usage and management are mostly ok, but there may be some tightening needed in the cryptography layer.
This is a very worthy discussion for the cryptography list, I hope you don't mind that I have copied that list here.
Cheers, Chris
--- Tony Garnock-Jones tonyg@lshift.net wrote:
Hi Chris,
In the comment to method MakoEnvelope class>>signedAndSealedFrom:to:object:, you write "Security experts recommend putting the signed inside the sealed".
Isn't it the other way around? According to http://www-cse.ucsd.edu/users/mihir/papers/oem.html the least insecure method is to encrypt, then MAC.
Also: On digging into the implementation of enciphering, it looks like the default cipher, Rijndael, is being used in ECB mode. Have I analysed that correctly? (If so, there are other modes that might be better: AEAD modes such as EAX or GGM; at a minimum, CTR, but an AEAD mode would be better, of course)
Regards,
Tony
--
 [][][] Tony Garnock-Jones     | Mob: +44 (0)7905 974 211
   [][] LShift Ltd             | Tel: +44 (0)20 7729 7060
 []  [] http://www.lshift.net/ | Email: tonyg@lshift.net
Cryptography mailing list
Cryptography@lists.squeakfoundation.org
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
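An added example, not part of the thread and not KryptOn's code: the encrypt-then-MAC order and the ECB concern raised in Tony's message, in Python using only the standard library. An HMAC-SHA256 counter keystream stands in for Rijndael in CTR mode (an assumption made so the block runs without a cipher library), and all function names are hypothetical.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream. Assumption: HMAC-SHA256 as the PRF, in place of Rijndael-CTR."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt first, then MAC the nonce and ciphertext with a separate key."""
    nonce = os.urandom(NONCE_LEN)  # fresh per message, so equal plaintexts differ
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def unseal(enc_key: bytes, mac_key: bytes, envelope: bytes) -> bytes:
    """Check the MAC before any decryption; reject anything that fails."""
    if len(envelope) < NONCE_LEN + TAG_LEN:
        raise ValueError("envelope too short")
    nonce = envelope[:NONCE_LEN]
    ciphertext = envelope[NONCE_LEN:-TAG_LEN]
    tag = envelope[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("MAC check failed")
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))

def repeated_blocks(data: bytes, size: int = 16) -> int:
    """Count 16-byte blocks that duplicate an earlier block.
    ECB maps equal plaintext blocks to equal ciphertext blocks, so the
    count for a plaintext is also the count its ECB ciphertext would show."""
    blocks = [data[i:i + size] for i in range(0, len(data) - size + 1, size)]
    return len(blocks) - len(set(blocks))
```

Running `repeated_blocks` over stored ciphertexts is a quick check for ECB-style leakage: a nonzero count on structured data means block equality is visible to anyone holding the ciphertext.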