Re: MD5 and SHA-0 collisions
Date: Sat, 4 Sep 2004 19:06:16 +0000 (UTC)
Paul Rubin wrote:
>The point is that HMAC's are used for more things than simply
>authenticating that you have the secret key.
Are they? Can you give any examples?
>The user may expect that
>if two files have the same HMAC, then they are the same file, just as
>with unkeyed MD5.
The user shouldn't expect that, particularly not if they are using
MD5-HMAC. If the user is counting on HMAC to be collision-free even
when the attacker is choosing the key, the user is doing something
- Re: Simple Keyed hash question
... HMACs are frequently used to provide tamper resistance. ... some data and an HMAC for it, if I have the key that was used with the HMAC ... the file is the HASH in addition to the secret key. ... the secret key need to be transfert by one ...
- Re: Backup of encrypted Data in the Cloud
... On 05.12.12 17:45, Paul Rubin wrote: ... key so you don't have to keep a secret key on the local system. ... As I am aware how to handle backup and restore with pgp, ... Maybe someone can point me somewhere to read about that or can assure me that incuding the Unix timestamp doesn't hurt - or better perhaps that it will be perfectly sufficient and secure just to use the secure hash of each different plaintext for generating such IV. ...