[Cryptography] A Fun Trick: The Little MAC Attack

Jerry Leichter leichter at lrw.com
Sun May 10 17:13:13 EDT 2015


On May 10, 2015, at 1:48 PM, Ray Dillinger <bear at sonic.net> wrote:
>> Most proposals of the day simply used MD5(key || message), a few might go for the "more secure" MD5(key || message || key).  
> 
> If I map || onto XOR, then (key || message || key) == message, which
> makes the use of the key pointless.  If I map || onto OR, then
> (key || message || key) == (key || message), which makes the second
> use of key pointless.
> 
> Was the above MD5(key || message || key) a typo for
> 
> MD5(key || message) || key

No.  "||" is "concatenate".

Unfortunately, we don't have universal agreement on some basic notation.  The use of "||" goes back at least to PL/I, probably further.  C re-purposed it for "short-cut or" years later; at least that's an unlikely interpretation in this context.  I don't think I've ever seen it used for XOR.

Similarly, "^" for exponentiation goes back to BASIC, if I remember right, but again C re-purposed it for XOR, so it's also ambiguous.

Many languages use "+" for concatenation.  As a programmer, I use this all the time; as an ex-mathematician, it bothers me.  (Mathematicians generally assume that any operator written in the form of an addition is commutative.  String concatenation in a mathematical context would normally be written as a multiplication; multiplicative operators may be commutative or not - usually not.)

Anyway, if I'd used "+" you might have taken it for addition; and if I'd used "*" I doubt anyone would have read it as concatenation.

My personal convention in ASCII text is || for concatenation and ~, OR, XOR, and AND for the binary bitwise operations.
                                                        -- Jerry


