[Cryptography] On the Impending Crypto Monoculture

Nemo nemo at self-evident.org
Sun Mar 27 14:57:45 EDT 2016


> As Encrypt-then-MAC follows the similar pattern as a publicly
> validate-able digital signature, I have a bias towards building the
> storage system around similar patterns, Encrypt-then-MAC and
> Encrypt-then-Sign.

Actually, no, it is nothing like "a publicly validate-able digital
signature". And "Encrypt-then-Sign" is nothing like authenticated
encryption.

In fact, this is the entire lesson of the recent JHU attack on
iMessage. See https://twitter.com/secparam/status/711999852020940800 and
http://blog.cryptographyengineering.com/2016/03/attack-of-week-apple-imessage.html

Even Apple's engineers could not get this right. And some wonder why we
say, "For crying out loud, just use Bernstein's code"?

 - Nemo
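The distinction Nemo draws above, as an added example that is not from the post or from the iMessage analysis it links: a MAC is keyed with a secret the receiver shares, so only the two parties can produce a tag that verifies, and a receiver that verifies before decrypting never processes a ciphertext an outsider has touched. A stream-cipher ciphertext on its own is malleable, and a publicly verifiable signature does not give the receiver that secret-keyed binding. The code below uses only the Python standard library; the HMAC-based keystream is a constructed stand-in for AES-CTR, HMAC with labels is a stand-in for a proper KDF such as HKDF, and the sample message is constructed.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32  # HMAC-SHA256 output length


def derive_keys(master_key):
    """Split one master key into independent encryption and MAC keys.
    Labelled HMAC is used as a simple KDF here (assumption: stand-in for HKDF)."""
    enc_key = hmac.new(master_key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(master_key, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream(enc_key, nonce, length):
    """Counter-mode keystream built from HMAC-SHA256 (constructed stand-in for
    AES-CTR, used only so the example runs with the standard library)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_only(enc_key, nonce, data):
    """Stream-cipher encryption/decryption: no integrity protection at all."""
    return xor_bytes(data, keystream(enc_key, nonce, len(data)))


def encrypt_then_mac(master_key, plaintext):
    """Encrypt-then-MAC: the tag covers the nonce and the whole ciphertext."""
    enc_key, mac_key = derive_keys(master_key)
    nonce = os.urandom(NONCE_LEN)
    ciphertext = encrypt_only(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt_and_verify(master_key, message):
    """Verify the tag in constant time and reject before any decryption."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    enc_key, mac_key = derive_keys(master_key)
    nonce = message[:NONCE_LEN]
    ciphertext = message[NONCE_LEN:-TAG_LEN]
    tag = message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed")
    return encrypt_only(enc_key, nonce, ciphertext)


def tamper(message, offset, delta):
    """Model an in-transit modification: XOR delta into the ciphertext bytes."""
    m = bytearray(message)
    start = NONCE_LEN + offset
    for i, d in enumerate(delta):
        m[start + i] ^= d
    return bytes(m)


def demo():
    master_key = os.urandom(32)
    original = b"transfer $100 to alice"  # constructed sample message
    message = encrypt_then_mac(master_key, original)
    assert decrypt_and_verify(master_key, message) == original

    # Flipping ciphertext bits changes the plaintext predictably under a
    # stream cipher: "100" becomes "999" without knowing any key.
    delta = xor_bytes(b"100", b"999")
    tampered = tamper(message, original.index(b"100"), delta)

    # 1. Decrypting without checking a secret-keyed tag lets the edit through.
    enc_key, _ = derive_keys(master_key)
    nonce, ciphertext = tampered[:NONCE_LEN], tampered[NONCE_LEN:-TAG_LEN]
    unauthenticated = encrypt_only(enc_key, nonce, ciphertext)

    # 2. Encrypt-then-MAC rejects the message before decryption is attempted.
    try:
        decrypt_and_verify(master_key, tampered)
        etm_rejected = False
    except ValueError:
        etm_rejected = True

    return {
        "original": original,
        "unauthenticated_plaintext": unauthenticated,
        "etm_rejected": etm_rejected,
    }


if __name__ == "__main__":
    print(demo())
```

The receiver's check in `decrypt_and_verify` is what an Encrypt-then-Sign construction cannot give it: a tag computed under a shared secret, compared in constant time, with decryption refused on mismatch. Key separation via `derive_keys` matters as well, since reusing one key for both the cipher and the MAC is a classic way to break an otherwise sound composition.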
