Jeffrey Walton <[email protected]> writes: >What is the reason for checksumming symmetric keys in ciphers like BATON? > >Are symmetric keys distributed with the checksum acting as a authentication >tag? Are symmetric keys pre-tested for resilience against, for example, >chosen ciphertext and related key attacks?
For Type I ciphers the checksumming goes beyond the simple DES-style error control, it's also to ensure that if someone captures the equipment they can't load their own, arbitrary keys into it. Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
