Re: OMAC help
From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: Sun, 15 Jun 2003 18:54:00 GMT
Jack Lloyd wrote:
> On Sat, 14 Jun 2003 15:20:42 -0400, Tom St Denis wrote:
>>Well OMAC is encrypt based MAC. So you either encrypt then OMAC the
>>ciphertext or you OMAC [use the intermedidate output as ciphertext] and
>>to verify though you have to re-encrypt the plaintext and see if the
>>last ciphertext is in fact the correct output.
> I would say you are thinking about this wrong. OMAC is a mac function,
> just like HMAC or EMAC or XOR-MAC or whatever. The fact that it uses
> a block cipher instead of a hash function doesn't make any difference.
> BTW, are you suggesting here using the same key for the cipher and the
> MAC? I don't see any other way you could use the OMAC calculation to help
> compute the ciphertext...
The intermediate output of OMAC is CBC encrypted text..... Could be
Eitherway OMAC sux0rz and HMAC r0x0rz [hint: use cipher in davies meyers
mode albeit slower....]
>>At this point in the game you can essentially do all with either [e.g.
>>hash in ctr mode == cipher, hash + HMAC == MAC].
> The first of those has never been really accepted by the crypto
> community (SHACAL is the closest thing I can think of). Anyway, it'd
> probably be dirt slow
SHACAL is not a hash in CTR mode....