Re: IBM Cries Crypto Wolf, Experts Say

Fri, 01 Dec 2000 08:49:16 -0800 

On Thu, Nov 30, 2000 at 08:42:07PM -0500, No User wrote:
> 
> Big Blue says it can make encryption twice as fast. But the company hyped a similar 
>advancement years ago; experts say that idea didn't amount to much, and this one 
>won't either. 
> By Elinor Abreu 
> IBM is announcing a new algorithm on Thursday that it says will double the speed at 
>which online communications are encrypted. But several crypto experts say that IBM is 
>fixing something that isn't broken and that Big Blue has a history of tooting its 
>horn needlessly.
> 
> IBM's new as-yet-unnamed security algorithm simultaneously encrypts and 
>authenticates messages. It works with symmetric cryptography in which the same secret 
>key, or mathematical code, is used to encrypt and decrypt, as opposed to public key 
>cryptography, in which two different keys are used. The new algorithm has been 
>submitted to the U.S. Patent Office and proposed to the National Institute of 
>Standards.


I'm guessing what's described above is this:


*************************
Stanford Security Seminar

Charanjit Jutla of
IBM Watson

Thursday, Dec 7 at 4:15pm
(Note unusual day)
Gates 4B area
*************************

Encryption Modes with Almost Free Message Integrity

We define a new mode of operation for block encryption which
in addition to assuring confidentiality also assures
message integrity. In contrast, previously for message
integrity a separate pass was required to compute a
cryptographic message authentication code (MAC).
The new mode of operation, called Integrity Aware CBC (IACBC),
requires a total of m+log m block encryptions on a plain-text
of length m blocks. The well known CBC (cipher block chaining)
mode requires m block encryptions. The second pass of computing
the CBC-MAC  essentially requires   additional m block encryptions.
A new highly parallelizable mode (IAPM) is also shown to  
be secure for both encryption and message integrity.
We also show a lower bound  of Omega(log m) additional block
encryptions  for any reasonably modeled  (linear)
scheme which assures message integrity along with
confidentiality.

See http://crypto.stanford.edu/seclab/sem.html



-- 
  Eric Murray           Consulting Security Architect         SecureDesign LLC
  http://www.securedesignllc.com                            PGP keyid:E03F65E5

Reply via email to