[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: risks of MACs associated with packets
<dee@skidrow.tay.dec.com> wrote:
> That's far from clear to me. If both the plaintext and the checksum are
> encrypted, you can probably use a much weaker algorithm than a cryptographic
> hash function, I'd think. Or am I missing some attacks?
If the check is a CRC, the patterns which can be XORed into a valid message
to produce a valid message are easily derivable. If using a stream cipher,
you can XOR a known pattern into the (unknown) plaintext easily.
It can even be done to some degree with CBC and CFB chaining.
(You can do a controlled XOR for one cipher block.)
It can be done, but you need to be careful.
--
-Colin