[Cryptography] CFB/OFB/CTR mode with HMAC for key stream
Bill Frantz
frantz at pwpconsult.com
Mon May 1 11:29:36 EDT 2017
On 5/1/17 at 12:07 AM, memvandal at gmail.com (Memory Vandal) wrote:
>I was wondering if using HMAC with something like SHA-256 to create a key
>stream in CFB/OFB/CTR mode is a bad idea.
>
>Considering that in CFB/OFB/CTR modes, the cipher required in the mode is
>used only to perform encryption operation for both encryption and
>decryption, a HMAC can be used to generate a key stream.
>
>So, the overall CFB/OFB/CTR mode remains exactly same with exception of
>using HMAC in place for a cipher. The key being used as HMAC key while IV
>can be as the HMAC message.
>
>I am not a cryptographer but, have some experience with implementing
>cryptography. I could not come up with reasons as to why this could be a
>bad idea.
Exactly this idea was suggested by at least one well-known
cryptographer* during the 1990s crypto wars as a thought
experiment to show that even if encryption algorithms were
controlled, MACs could be substituted.
Cheers - Bill
* I don't currently have the bandwidth to search out the name.
-----------------------------------------------------------------------
Bill Frantz | I like the farmers' market | Periwinkle
(408)356-8506 | because I can get fruits and | 16345
Englewood Ave
www.pwpconsult.com | vegetables without stickers. | Los Gatos,
CA 95032
More information about the cryptography
mailing list