Cryptography: Difference between revisions
From Wiki
(H(key || message) is vulnerable) |
(Learnt how to do References in MediaWiki) |
||
Line 1: | Line 1: | ||
* SHA3 algorithms are currently considered invulnerable to length-extension attacks. | * SHA3 algorithms are currently considered invulnerable to length-extension attacks. | ||
* A naive approach to hash-based MAC generation like taking the hash of the key appended to the message would be vulnerable to length-extension attacks. HMAC isn't. | * A naive approach to hash-based MAC generation like taking the hash of the key appended to the message would be vulnerable to length-extension attacks. HMAC isn't<ref>https://en.wikipedia.org/wiki/HMAC#Design_principles</ref>. | ||
* Message Authentication Codes (MAC) are like a symmetric key cryptography version of digital signatures. | * Message Authentication Codes (MAC) are like a symmetric key cryptography version of digital signatures. | ||
==References== |
Latest revision as of 15:41, 19 August 2020
- SHA3 algorithms are currently considered invulnerable to length-extension attacks.
- A naive approach to hash-based MAC generation like taking the hash of the key appended to the message would be vulnerable to length-extension attacks. HMAC isn't[1].
- Message Authentication Codes (MAC) are like a symmetric key cryptography version of digital signatures.