Re: Combine Secure 3DES Encryption with ability to count occurence of known plaintext - how to accomodate both aims?
From: Paul Rubin (//phr.cx_at_NOSPAM.invalid)
Date: 01/20/05
- Next message: robert j. kolker: "Re: Factoring problem, solved"
- Previous message: Bob Harris: "Re: Factoring problem, solved"
- In reply to: David Wagner: "Re: Combine Secure 3DES Encryption with ability to count occurence of known plaintext - how to accomodate both aims?"
- Next in thread: Volker Hetzer: "Re: Combine Secure 3DES Encryption with ability to count occurence of known plaintext - how to accomodate both aims?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 19 Jan 2005 16:35:14 -0800
daw@taverner.cs.berkeley.edu (David Wagner) writes:
> As Paul Rubin says, you can use 3DES-CBC-MAC instead of SHA1-HMAC.
> (I slightly prefer 3DES-OMAC or AES-OMAC, but the difference is unimportant
> if the messages you are hashing are of a constant, fixed length.)
Yes, those would be preferable; I'm not familiar with the Attala HSM's
but I was going on the assumption that their API let you make
encapsulated keys that could do CBC-MAC directly. You could do OMAC
by making an ECB key and building up the MAC operation in software,
but that would expose the ability to encrypt and decrypt with the MAC
key, which is maybe a little bit dangerous.
- Next message: robert j. kolker: "Re: Factoring problem, solved"
- Previous message: Bob Harris: "Re: Factoring problem, solved"
- In reply to: David Wagner: "Re: Combine Secure 3DES Encryption with ability to count occurence of known plaintext - how to accomodate both aims?"
- Next in thread: Volker Hetzer: "Re: Combine Secure 3DES Encryption with ability to count occurence of known plaintext - how to accomodate both aims?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
