[Cryptography] FREAK attack

lists at notatla.org.uk lists at notatla.org.uk
Thu Mar 5 20:44:43 EST 2015


Watson Ladd <watsonbladd gmail.com>

> The myth is that cryptographers in 1995 did not understand the proper order
> of encryption and MACing. The reality is they did. Furthermore,  the RC4
> results date back to 1995 as well.

See section 8.2 (p115-7) of Practical Cryptography copyright 2003
and section 7.2 (p102-4) of Cryptography Engineering copyright 2010.

If this was as well known as you think why don't they show a preference
for encrypt-then-mac or describe block cipher padding oracles?

http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html


More information about the cryptography mailing list