[Cryptography] Langsec & authentication
Stephan Neuhaus
stephan.neuhaus at tik.ee.ethz.ch
Tue May 27 15:53:46 EDT 2014
On 2014-05-27, 21:30, Judson Lester wrote:
> But, and this is the other half of my dilemma, authenticating
> ambiguous blobs of data opens a giant hole in your MAC system: here's
> two documents that mean "re-order coffee" and "nuke North Korea" with
> the same MAC. Oops. And while that's theoretically possible
> regardless, it becomes much easier to do if there's many many ways to
> say "nuke North Korea."
Once you have ambiguous blobs of data, one of which means "re-order
coffee" and the other meaning "nuke North Korea", you've lost the game.
But surely that's not the fault of the authentication subsystem.
Fun,
Stephan
--
More information about the cryptography
mailing list