[Cryptography] A Fun Trick: The Little MAC Attack
Ray Dillinger
bear at sonic.net
Sun May 10 20:45:50 EDT 2015
On 05/10/2015 02:13 PM, Jerry Leichter wrote:
> On May 10, 2015, at 1:48 PM, Ray Dillinger <bear at sonic.net> wrote:
>> Was the above MD5(key || message || key) a typo for
>> MD5(key || message) || key
> No. "||" is "concatenate".
Ah. I see; they used of a copy of the key on both ends as a
defense against extension attacks. That makes more sense now.
Unfortunately it still doesn't do a darn thing for colliding-
block substitution in long messages.
> Unfortunately, we don't have universal agreement on some basic notation.
Until Unicode characters are a darned sight easier to type, we won't.
There are Unicode characters for most bit operations, and I can be
driven to use them if necessary. But they're a pain in the tush to
type, and like you I usually use ASCII substitutes.
There is a standard math notation for sequence concatenation
using U+2322, which is named FROWN and written ⌢. This is
decimal 8994. We could use it for string or blob concatenation,
but it's a pain in the tush to type.
I've used double slash in the past for concatenation but I have
no idea whether that's understood without providing context; I
always feel that I have to explain it whenever I use it. And
I've seen at least one person use $+ for concatenation, which
I suppose is reasonable if you read "string" for $.
Vertical bar reads as OR to me, but that's probably because
I'm a C programmer.
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150510/bb575605/attachment.sig>
More information about the cryptography
mailing list