It is currently Sat Jan 23, 2021 2:58 am

The Cryptographic Doom Principle

If you have something technology-related to share and don't feel like cluttering up General Chat, post it here. Anything is fair game and anything highly technical is preferred.

The Cryptographic Doom Principle

Postby Zancarius » Tue Apr 14, 2015 11:43 am

I thought this was worth sharing:

http://www.thoughtcrime.org/blog/the-cr ... principle/

MAC in this case doesn't mean Mandatory Access Control, it doesn't mean Media Access Control (like a MAC address), nor does it refer to cutesy little computers with a smile--it refers to Message Authentication Codes like HMAC.

A few other resources for those interested:

Colin Percival's guideline's on cryptography, and why you should encrypt-then-MAC:
http://www.daemonology.net/blog/2009-06 ... swers.html
http://www.daemonology.net/blog/2009-06 ... n-mac.html

A good crypto.stackexchange.com discussion on the various methods of operation (really, though, you should only use encrypt-then-MAC):
http://crypto.stackexchange.com/a/205

Wikipedia's write-up on authenticated encryption (basically what's discussed above):
http://en.wikipedia.org/wiki/Authenticated_encryption

More reasons you shouldn't MAC-then-encrypt (or MAC-and-encrypt) by Graham Sutherland (not this Graham Sutherland--this Graham Sutherland who has given a large number of talks on the subject):
https://codeinsecurity.wordpress.com/20 ... pt-is-bad/
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male

Return to Technology Lounge

Who is online

Users browsing this forum: No registered users and 1 guest

cron