L02_HashMDMAC

Why is it insufficent to just append the cbc residue

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: MAC. Why is it insufficent to just append the CBC residue of the 1st pass as the MAC ? MAC Drawbacks of using Encryption for MAC Encryption software is slow Encryption slow Encryption hardware costs aren’t cheap Encryption hardware Hardware optimized toward large data sizes Hardware large Encryption Algorithms are usually covered by patents Encryption patents Algorithms subject to US export control Algorithms export One-Way Hash Function Hash function accepts a variable size message M as input and variable produces a fixed-size message digest H(M) as output fixed-size message H(M) Message digest is sent with the message for authentication Message sent Produces a fingerprint of the message Produces fingerprint No secret key is involved MAC generation using One Way Hash + Conventional encryption Message digest H(M) Shared key Authenticity is assured ; no confidentiality is provided; Still need Encryption algorithm ; but faster because the hash function computation is quicker than encrypting the entire message ; now only need to encrypt The much shorter message digest instead Use only One Way Hash Function to compute MAC Secret value SAB MDM||M MDM = H(M || SAB) Would MDM = H(SAB || M ) work as well ? The Answer is...
View Full Document

This note was uploaded on 12/05/2013 for the course IERG 4130 taught by Professor Chowsze-ming,sherman during the Fall '13 term at CUHK.

Ask a homework question - tutors are online