Re: Rivest's Chaffing and Winnowing

New Message Reply About this list Date view Thread view Subject view Author view

Ge' Weijers (ge@Progressive-Systems.Com)
Mon, 23 Mar 1998 11:51:21 -0500 (EST)


TM,

> Instead of using HMAC-SHA or another large-digest MAC, I simply used 32-bit
> CRCs to save space and time. The MAC of byte M is CRC(M+Password+M), where
> "+" denotes concatenation.

It should be fairly trivial to crack this system. CRC is so nice and
linear....... One byte at a time is not a good idea either, unless you
send O(256) packets with the same serial number. You could use 96 or 64
bits taken from the HMAC-SHA. I'm sure that this would give much better
results.

Ge'

Ge' Weijers Voice: (614)326 4600
Progressive Systems, Inc. FAX: (614)326 4601
2000 West Henderson Rd. Suite 400
Columbus, OH 43220 http://www.Progressive-Systems.com


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:11 ADT