[Cryptography] Dumb Question about Pair-Wise Authentication

David Kane-Parry dkp at ldd.org
Sun Apr 5 17:00:47 EDT 2020

On Sun, Apr 5, 2020 at 3:36 AM Kent Borg <kentborg at borg.org> wrote:
> When I want to send a message I do a hash of the message plus the
> secret, and append that hash. On receipt I strip the hash, do a new hash
> of the message plus the secret and compare the result. So simple. What
> is wrong with it? Seems radical.

You have nearly described HMAC-based message authentication, e.g.
https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html .

- d.

More information about the cryptography mailing list