On Fri, 27 Jan 1995, Perry E. Metzger wrote:
If things are merely encrypted, an attacker can garble them without being caught -- I can "decrypt" random numbers into other random numbers if I want. Think of an attacker trying to sabotage the transfer of a binary file and you'll see why you need authentication.
You certainly need some kind of encrypted secure checksum (MAC) to ensure message integrity. I don't think you have to go through the entire authentication of the principal. (Though as V. Gligor keeps showing, even if you have a MAC at the end of your data, there are still some kinds of integrity attacks which are possible if you are not careful about how MACs and encryption is used). Now if you are talking about simple denial-of-service (detected tampering or traffic flooding), that is another more difficult story. -Thomas