Inventing your own null cipher security opens up the door for replay, withhold and reorder styles of attacks.
On Mon, Aug 20, 2018 at 9:20 PM Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote: > Lyndon Nerenberg <lyn...@orthanc.ca> writes: > > >By law, we are forbidden from transmitting encrypted traffic, yet there > are > >use cases where integrity protection in the absence of data content > >protection would be of benefit. > > I've worked a lot with a set of authentication-only channels that can't be > encrypted but need strong integrity/authenticity protection. The way to > deal > with this is signed/MAC'd messages, not NULL-cipher TLS. > > Peter. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
