Re: Strength of HMAC-SHA1-32

freeat12five <freeat12five@xxxxxxxxx> wrote:
That is indeed a great point. I think the real issue is in fact the
MAC tag length, but have started from the wrong end. We are not
concerned about encryption. It is an integrity and authentication

If you can have a sufficiently long key, a 32-bit HMAC-SHA1-32 will
ensure that the attacker can forge MAC tags with probability at most
2^(-32). If you can live with that forgery probability (few packets,
not so big a problem if a few packets are forged, etc.), then you
can probably live with HMAC-SHA1-32.

Kristian Gjøsteen