Re: Why is RMAC resistant to birthday attacks?

2002-10-22 Thread Victor.Duchovni
On Mon, 21 Oct 2002, Aram Perez wrote: [EMAIL PROTECTED] wrote: While you are correct in the general case, I have worked on a system where Alice could only generate MACs and Bob could only verify MACs. The hardware was designed so that Alice could not verify MACs and Bob could not generate

Re: Why is RMAC resistant to birthday attacks?

2002-10-22 Thread Victor.Duchovni
On Tue, 22 Oct 2002, Ed Gerck wrote: Short answer: Because the MAC tag is doubled in size. I know, but this is not my question. Longer answer: The “birthday paradox” says that if the MAC tag has t bits, only 2^(t/2) queries to the MAC oracle are likely needed in order to discover two
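
An added illustration of the birthday bound quoted above (this is not code from the thread or from the RMAC draft): a t-bit tag is simulated by HMAC-SHA256 truncated to t bits, which is an assumption standing in for "the MAC oracle", and the attacker queries it on distinct constructed messages until two tags coincide. The key and message strings are constructed for the demo; the attacker never sees the key and needs roughly sqrt(pi/2 * 2^t), i.e. O(2^(t/2)), queries regardless of the underlying MAC.

```python
import hashlib
import hmac
import math


def truncated_mac(key: bytes, msg: bytes, t_bits: int) -> int:
    """Stand-in for 'the MAC oracle': HMAC-SHA256 truncated to a t-bit tag.

    The truncation is what the birthday bound acts on; which keyed MAC
    sits underneath is irrelevant to the argument (assumption for the demo).
    """
    if not 1 <= t_bits <= 64:
        raise ValueError("t_bits must be in 1..64 for this demo")
    full = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(full[:8], "big") & ((1 << t_bits) - 1)


def queries_until_tag_collision(key: bytes, t_bits: int, trial: int = 0):
    """Query the oracle on distinct messages until two of them share a tag.

    Returns (queries, m1, m2): the number of MAC queries made and the two
    distinct messages whose t-bit tags collide.
    """
    seen = {}
    queries = 0
    while True:
        # Distinct, constructed messages; the attacker chooses these freely.
        msg = b"trial-%d-msg-%d" % (trial, queries)
        tag = truncated_mac(key, msg, t_bits)
        queries += 1
        if tag in seen:
            return queries, seen[tag], msg
        seen[tag] = msg


def expected_queries(t_bits: int) -> float:
    """Birthday estimate: about sqrt(pi/2 * 2^t) queries, i.e. O(2^(t/2))."""
    return math.sqrt(math.pi / 2 * (1 << t_bits))


def average_queries(key: bytes, t_bits: int, trials: int) -> float:
    """Average number of queries to the first collision over several trials."""
    total = sum(queries_until_tag_collision(key, t_bits, i)[0]
                for i in range(trials))
    return total / trials


if __name__ == "__main__":
    key = bytes(range(32))  # constructed demo key; never learned by the attacker
    for t in (12, 16, 20):
        avg = average_queries(key, t, 20)
        print(f"t={t:2d} bits: 2^(t/2)={2 ** (t / 2):8.0f}  "
              f"expected~{expected_queries(t):8.0f}  observed avg={avg:8.0f}")
```

Run as a script it prints, for each tag length, 2^(t/2), the birthday estimate and the observed average; at t=16 the average lands around 320 queries rather than anywhere near 2^16. Doubling the tag length, as the short answer above notes, squares the work: the same loop at t=32 would need on the order of 2^16 queries and a 2^16-entry table, and at t=64 about 2^32, which is why the practical concern is with short tags.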

Why is RMAC resistant to birthday attacks?

2002-10-21 Thread Victor.Duchovni
The RMAC FIPS draft does not appear to explicitly state when RMAC is useful. What is the scenario in which (presumably unlike some other keyed MAC algorithms) RMAC is resistant to birthday attacks? More broadly for an arbitrary keyed MAC (in a plausible application!) how does the birthday attack

Re: It's Time to Abandon Insecure Languages

2002-07-22 Thread Victor.Duchovni
This is more indicative of CERT's focus than the relative frequency of security issues. The fact that a large fraction of e-commerce merchants let you set the price for the goods you buy is in practice a larger threat than the widely publicized buffer overflows. Semantic security bugs in

Re: It's Time to Abandon Insecure Languages

2002-07-22 Thread Victor.Duchovni
CERT is far from a comprehensive source of security bug reports. Does anyone have statistics of bug types for Bugtraq or Mitre's CVE? I get daily bug reports via FS/ISAC. Most of these are not sufficiently severe or broadly applicable to be CERT advisories. These are mostly application logic