Re: OMAC help

From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: 06/15/03


Date: Sun, 15 Jun 2003 18:54:00 GMT

Jack Lloyd wrote:
> On Sat, 14 Jun 2003 15:20:42 -0400, Tom St Denis wrote:
>
>
>>Well OMAC is encrypt based MAC. So you either encrypt then OMAC the
>>ciphertext or you OMAC [use the intermedidate output as ciphertext] and
>>to verify though you have to re-encrypt the plaintext and see if the
>>last ciphertext is in fact the correct output.
>
>
> I would say you are thinking about this wrong. OMAC is a mac function,
> just like HMAC or EMAC or XOR-MAC or whatever. The fact that it uses
> a block cipher instead of a hash function doesn't make any difference.
>
> BTW, are you suggesting here using the same key for the cipher and the
> MAC? I don't see any other way you could use the OMAC calculation to help
> compute the ciphertext...

The intermediate output of OMAC is CBC encrypted text..... Could be
very misleading.

Eitherway OMAC sux0rz and HMAC r0x0rz [hint: use cipher in davies meyers
mode albeit slower....]

>>At this point in the game you can essentially do all with either [e.g.
>>hash in ctr mode == cipher, hash + HMAC == MAC].
>
>
> The first of those has never been really accepted by the crypto
> community (SHACAL is the closest thing I can think of). Anyway, it'd
> probably be dirt slow

SHACAL is not a hash in CTR mode....

Tom



Relevant Pages

  • Re: Backup of encrypted Data in the Cloud
    ... Derive the encryption key and the key for the MAC out of the keystream ... Encrypt the plaintext using the encryption key and concatenate the IV ... Calculate the MAC of the ciphertext using the MAC_Key ...
    (sci.crypt)
  • Backup of encrypted Data in the Cloud
    ... Because it's recommended to encrypt your data using an always different key and also provide a MAC alongside, I am trying to achieve this by using the following scheme: ... Encrypt the plaintext using the encryption key and concatenate the IV ... Calculate the MAC of the ciphertext using the MAC_Key ...
    (sci.crypt)
  • Re: Backup of encrypted Data in the Cloud
    ... Derive the encryption key and the key for the MAC out of the keystream ... Encrypt the plaintext using the encryption key and concatenate the IV ... Calculate the MAC of the ciphertext using the MAC_Key ...
    (sci.crypt)
  • Re: OMAC help
    ... > Why on earth would someone have to decrypt and then re-encrypt a message ... Perhaps they could, say, just MAC the ciphertext ... Well OMAC is encrypt based MAC. ...
    (sci.crypt)
  • Re: CBC questions
    ... > to trust any MAC ... But we do know OMAC pretty well, ... > deliberately change meaning or values in the first block ... message authentication code that can be automatically verified by your ...
    (sci.crypt)