I thought this was worth sharing:
http://www.thoughtcrime.org/blog/the-cr ... principle/
MAC in this case doesn't mean Mandatory Access Control, it doesn't mean Media Access Control (like a MAC address), nor does it refer to cutesy little computers with a smile--it refers to Message Authentication Codes like HMAC.
A few other resources for those interested:
Colin Percival's guidelines on cryptography, and why you should encrypt-then-MAC:
http://www.daemonology.net/blog/2009-06 ... swers.html
http://www.daemonology.net/blog/2009-06 ... n-mac.html
A good crypto.stackexchange.com discussion on the various methods of operation (really, though, you should only use encrypt-then-MAC):
http://crypto.stackexchange.com/a/205
Wikipedia's write-up on authenticated encryption (basically what's discussed above):
http://en.wikipedia.org/wiki/Authenticated_encryption
More reasons you shouldn't MAC-then-encrypt (or MAC-and-encrypt) by Graham Sutherland (not this Graham Sutherland--this Graham Sutherland who has given a large number of talks on the subject):
https://codeinsecurity.wordpress.com/20 ... pt-is-bad/