[Cryptography] A Fun Trick: The Little MAC Attack

Ray Dillinger bear at sonic.net
Sun May 10 13:48:12 EDT 2015



On 05/10/2015 04:19 AM, Jerry Leichter wrote:

> Most proposals of the day simply used MD5(key || message), a few might go for the "more secure" MD5(key || message || key).  

If I map || onto XOR, then (key || message || key) == message, which
makes the use of the key pointless.  If I map || onto OR, then
(key || message || key) == (key || message), which makes the second
use of key pointless.

Was the above MD5(key || message || key) a typo for

MD5(key || message) || key

?

The above form (even if MD5 were secure, which it ain't)
is still brittle as hell in terms of what its security is
applicable to, but it at least isn't obviously broken, and
makes less nonsense than what you typed?

				Bear
