James A. Donald writes: > What he wants is the that probability is cumulative - that each short > field not only validates the latest packet, but strengthens the > probability that all previous accepted packets were correct.
Schneier and Kelsey described a potentially-similar-enough technique: http://www.schneier.com/paper-auditlogs.pdf In their case, they were verifying the integrity of a sequence of log entries instead of media frames. But maybe that is close enough to Travis' problem to be of use. I agree with Bellovin that truncating the MAC is of little benefit except in bandwidth-constrained applications --- truncating the MAC decreases its protective power. There may be situations in which it's a fine trade-off, of course. This survey paper has more references: http://www.cs.berkeley.edu/~archanag/publications/privacypaper.pdf -- http://noncombatant.org/ _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
