[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MAC speeds

To: ipsec@lists.tislabs.com
Subject: Re: MAC speeds
From: "D. J. Bernstein" <djb@cr.yp.to>
Date: 16 Mar 2000 01:02:03 -0000
References: <20000314223229.26334.qmail@cr.yp.to> <Pine.BSI.3.91.1000315102404.16490C-100000@spsystems.net>
Sender: owner-ipsec@lists.tislabs.com

Henry Spencer writes:
> how much scrutiny has that proof had?

Authentication systems of this type have been known for 25 years and are
the subject of dozens of articles. The security proofs are easy and work
with any ``universal'' hash function. The fact that the particular hash
function I'm using is ``universal'' is taught in undergraduate algebra
courses and appears in hundreds of books.

What's new is the fact that this function can be computed at extremely
high speed. You can worry about errors in the proof that the code
computes the right function, just as you can worry about bugs in any
other bignum code, but this is completely different from worrying about
unknown attacks on, for example, SHA.

---Dan

References:

Re: MAC speeds

From: "D. J. Bernstein" <djb@cr.yp.to>

Re: MAC speeds

From: Henry Spencer <henry@spsystems.net>

Prev by Date: RE: Heartbeats draft available
Next by Date: Re: MAC speeds
Prev by thread: Re: MAC speeds
Next by thread: Re: MAC speeds
Index(es):
- Main
- Thread