[Cryptography] CFB/OFB/CTR mode with HMAC for key stream

Tom Mitchell mitch at niftyegg.com
Mon May 1 17:35:32 EDT 2017

On Mon, May 1, 2017 at 8:29 AM, Bill Frantz <frantz at pwpconsult.com> wrote:
> On 5/1/17 at 12:07 AM, memvandal at gmail.com (Memory Vandal) wrote:
>> I was wondering if using HMAC with something like SHA-256 to create a key
>> stream in CFB/OFB/CTR mode is a bad idea.
> Exactly this idea was suggested by at least one well-known cryptographer*
> during the 1990s crypto wars as a thought experiment to show that even if
> encryption algorithms were controlled, MACs could be substituted.

As Bill noted the MAC can be modified.
Next question is who or what can modify it?

The networking MAC is published (visible) in local network packets (see arp).
It is visible on the local net and perhaps in a bridged context.  The
router hardware
and software that connects can report it any place they wish.

Apple  and some Linuxes randomizes MAC so it is not a bold announcement of
who, what, when and where.

  T o m    M i t c h e l l

More information about the cryptography mailing list