[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: replay attacks
Phillip Rogaway wrote in the IPSEC mailing list:
> [...] replay detection can
> be handled by choosing a MAC mechanism which directly provides
> that service. Indeed a 96-128 bit MAC has ample space to
> directly incorporate replay detection, and one can "generically"
> modify any (ordinary) Message Authentication mechanism into a new
> one which protects against replays. The cost is making the
> MAC some 32-64 bits longer, say.
Perhaps there is even no need to make the MAC longer?
Using e.g. keyed MD5 or whatever one could place a time stamp with sufficent
granularity into the 'key' part of the authenticated data. So the MAC would
only be correct if the receiver gets it in the same time-frame.
The only drawback I see, is that you can not actually read from the packet for
which time-slot it has been produced.
Are there other drawbacks I am not aware of?
Friendly greetings,
Germano
Follow-Ups:
References: