Re: Strength of HMACSHA132
 From: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>
 Date: Tue, 18 Nov 2008 13:09:11 +0000 (UTC)
freeat12five <freeat12five@xxxxxxxxx> wrote:
That is indeed a great point. I think the real issue is in fact the
MAC tag length, but have started from the wrong end. We are not
concerned about encryption. It is an integrity and authentication
issue.
If you can have a sufficiently long key, a 32bit HMACSHA132 will
ensure that the attacker can forge MAC tags with probability at most
2^(32). If you can live with that forgery probability (few packets,
not so big a problem if a few packets are forged, etc.), then you
can probably live with HMACSHA132.

Kristian Gjøsteen
.
 FollowUps:
 Re: Strength of HMACSHA132
 From: David Wagner
 Re: Strength of HMACSHA132
 From: Ilmari Karonen
 Re: Strength of HMACSHA132
 References:
 Strength of HMACSHA132
 From: freeat12five
 Re: Strength of HMACSHA132
 From: Kristian Gjøsteen
 Re: Strength of HMACSHA132
 From: freeat12five
 Strength of HMACSHA132
 Prev by Date: Re: Strength of HMACSHA132
 Next by Date: Wanted Known
 Previous by thread: Re: Strength of HMACSHA132
 Next by thread: Re: Strength of HMACSHA132
 Index(es):
Relevant Pages
