Peter, Do I understand you correctly. The checksum is calculated using a key or the checksum algorithm is secret so that they can't generate checksums for new keys? Are they using a one-way function? Do you have any documentation about this?
Thanks, Ethan On Wed, Mar 27, 2013 at 11:50 PM, Peter Gutmann <[email protected]>wrote: > Jeffrey Walton <[email protected]> writes: > > >What is the reason for checksumming symmetric keys in ciphers like BATON? > > > >Are symmetric keys distributed with the checksum acting as a > authentication > >tag? Are symmetric keys pre-tested for resilience against, for example, > >chosen ciphertext and related key attacks? > > For Type I ciphers the checksumming goes beyond the simple DES-style error > control, it's also to ensure that if someone captures the equipment they > can't > load their own, arbitrary keys into it. > > Peter. > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography >
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
