[EMAIL PROTECTED] wrote:
[snip]
>
> With keyed MACs Alice and Bob share the same secretkeys, either can
> freely generate messages with correct MAC values, so the MAC cannot be
> used as evidence to a third party that Alice is the signer of the
> message.
While you are correct in the general cas
I think they are presuming there will be no encryption, so Eve can
verify collisions by observing the MAC values. Eve just records
messages and their MACs that Alice sends Bob. They are also presuming
exceedingly long lived MAC keys. (If you changed keys the collection
of messages would have to
The RMAC FIPS draft does not appear to explicitly state when RMAC is
useful. What is the scenario in which (presumably unlike some other keyed
MAC algorithms) RMAC is resistant to birthday attacks? More broadly for an
arbitrary keyed MAC (in a plausible application!) how does the birthday
attack c
At 10:52 PM +0100 10/21/02, Adam Back wrote:
On Sun, Oct 20, 2002 at 10:38:35PM -0400, Arnold G. Reinhold wrote:
There may be a hole somewhere, but Microsoft is trying hard to get
it right and Brian seemed quite competent.
It doesn't sound breakable in pure software for the user, so this
forces
I've been trying to figure out whether the following attack will be
feasible in a Pd system, and what would have to be incorporated to prevent
against it.
Alice runs "trusted" application T on her computer. This is some sort of
media application, which acts on encoded data streamed over the
intern
On Sun, Oct 20, 2002 at 10:38:35PM -0400, Arnold G. Reinhold wrote:
> There may be a hole somewhere, but Microsoft is trying hard to get
> it right and Brian seemed quite competent.
It doesn't sound breakable in pure software for the user, so this
forces the user to use some hardware hacking.
The