[Cryptography] Literature on reusing same key for AES / HMAC?
Sandy Harris
sandyinchina at gmail.com
Mon Nov 9 15:40:26 EST 2015
On Wed, Nov 4, 2015 at 9:36 PM, Allen <allenpmd at gmail.com> wrote:
>> I'm looking at a very specific issue, where the same secret key is used
>> with AES-CTR for encryption,
>> and then later that same key is used for signing the ciphertext with
>> HMAC-SHA1.
>
> I don't even know why you would be tempted to do that when you could simply
> set the AES key to sha256(secret || "AES") and the HMAC key to sha256(secret
> || "HMAC")
Or do what AES-GCM does; AES encrypt an all-zero block to get a key to
use in authentication.
More information about the cryptography
mailing list