[86485] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

truncating MACs for confidentiality, was Re: Public key encrypt-then-sign or sign-then-encrypt?

daemon@ATHENA.MIT.EDU (Travis H.)
Thu Apr 26 08:48:29 2007

Date: Wed, 25 Apr 2007 23:23:03 -0500
From: "Travis H." <travis+ml-cryptography@subspacefield.org>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <462F9CC6.8060904@lsitec.org.br>


--WIIRZ1HQ6FgrlPgb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

One more thing to consider; if you pick a reasonable MAC with twice
the security factor you need, then truncate the output to half the
size, I believe you get both confidentiality and
integrity/authentication guarantees of the desired strength.

--=20
Kill dash nine, and its no more CPU time, kill dash nine, and that
process is mine. -><- <URL:http://www.subspacefield.org/~travis/>
For a good time on my UBE blacklist, email john@subspacefield.org.

--WIIRZ1HQ6FgrlPgb
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (OpenBSD)

iQIVAwUBRjApJ2QVZZEDJt9HAQIi8w/9FTEYoWTHNna2itcpGGNHJ76t9LBdmvaz
fqlWPpfbO8X90Obd1j6EovrNE4YMfZqGS5QTSQoF2KC1w9VT6Sw2og+dp8NrtDh7
K3XZYKPhh3THzvR73g5v5Ey1++tBaOwFPAcSiIcSIPoPS46/rVwsx4RrnT4ANyRV
J0pWwmL/mAX7OQIuAlycleDgyedtTNoAB6SErv4SLEh9vadQjxyXru8B9C0fJGZE
DIvm0p+pXoxpgBhy0ZqiJRoXBk8yI3uXNjgxFF3kjYUnQfoiMjAe+xT6Z8sjcAiw
enDK75coTAJuY+TlnHCEZ7Jha0kk6fCCgN472BcNlwFxxeXdwX66TLdTQla9F0fz
mHUd66xFXQT7LjlFdVRLO3lTYURMCvZ8nYZ/jXLcF33/9W19QHBy27DZkHvO66f6
mbjYJwGyV3k5nXp1tHvykhPNA94j9HjEk7Gvv21CP4PHqNjtf69MLV7xegWPfakE
C30/sJpp0BsU5R4KRgB0dbMv+oruARwJtbfNYIIsQE3i7ZqB2lOLXtppnh93kDvp
0oXGYXkgz7hOwoaUUSb72/Z2nN7jJB1OROxSO3WoQGv8lh5LSCQF7St9eiDFflFx
8n4p14w3zKrfrQ7WG0XH47g1lWySHSDt6WIuhj5j3vovgFDnm42dOVVtaoscskOA
9bx9svYxxsA=
=DXyk
-----END PGP SIGNATURE-----

--WIIRZ1HQ6FgrlPgb--

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[86485] in cryptography@c2.net mail archive

truncating MACs for confidentiality, was Re: Public key encrypt-then-sign or sign-then-encrypt?

daemon@ATHENA.MIT.EDU (Travis H.)Thu Apr 26 08:48:29 2007

daemon@ATHENA.MIT.EDU (Travis H.)
Thu Apr 26 08:48:29 2007