All Questions
18
questions
1
vote
0
answers
91
views
is HMAC required if i am using AES-CFB and using Digital signatures for Authentication
I researched online and found AES-GCM and ChaCha20Poly1305 aren't post quantum secure. So I am planning to use symmetric AES256 cipher in CFB mode do I need to implement MAC using HMAC like HMAC-...
-1
votes
1
answer
65
views
Encryption on one AES mode and decrypting on another, where both use HMAC
Let's say there are 2 ciphers, $enc$ and $dec$, where:
$enc$ will encrypt the data, and $dec$ will decrypt it.
Both $enc$ and $dec$ must be an AES cipher.
$enc$ and $dec$ will use the same key $k$ ...
0
votes
1
answer
169
views
Using HMAC with AES modes that do NOT require padding [closed]
I'm trying to use HMAC with AES modes that do not require any sort of padding.
Although I am aware that modes like AES-GCM and ...
-1
votes
2
answers
557
views
Is HMAC a suitable substitute for HKDF?
My PHP version does not include the hash_hkdf() function, and upgrading versions is not worth the trouble for my project (which is for personal pleasure, not for ...
0
votes
1
answer
140
views
Do I need to use HMAC in this crypto wallet backup application?
I'm building an application for securely backing up cryptocurrency private keys or 12-word backup phrases that crypto wallets use as a seed to generate private keys. For the purpose of this question, ...
0
votes
1
answer
101
views
Restricting symmetric key usage
I have a system where some clients communicate with a server. every client has its own name and role and some other parameters that sends these info to the server in every message and the server uses ...
1
vote
1
answer
658
views
Is this symmetric key MAC-then-encrypt auth token methodology secure?
NOTE: This question originally conflated a "digital signature" and a "MAC", which I've since learned are not the same thing. Any references (in the answer or any comments) to a "signature" should be ...
1
vote
3
answers
6k
views
Public key encryption and message integrity
Let's say I want to send an encrypted email thus I encrypt it with the receiver's public key, so that the receiver uses its private key to decrypt it.
If someone tampers with the message in between ...
0
votes
3
answers
481
views
About MAC and HMAC
I'm studying mechanisms of integrity and authentication in symmetric encryption scenarios. I want to propose some examples to see whether I got the point here:
Let $m$ be the message, $c$ the ...
6
votes
0
answers
310
views
How to make a "zero knowledge" cache/key-value store
I'd like to use a possibly insecure cache for storing expensive-to-calculate sensitive information. My requirements are:
If the cache ever gets compromised it should reveal nothing about its ids or ...
1
vote
2
answers
2k
views
NIST HMAC Test vectors
I am searching test vectors of the HMAC-SHA256 primitive to verify the correctness of an implementation.
Without hesitation I go on the NIST website to see what they offer.
While reading the ...
1
vote
2
answers
1k
views
Is the security of an HMAC equally important as the security of the cipher itself?
I'm a little unclear on how hash based MAC works... So I would like to know, is the security of your hash function as important as the security of the overall cipher? Basically, if you can crack the ...
8
votes
2
answers
1k
views
Is it okay to use an HMAC of the plaintext and a (possibly distinct) key as the IV for symmetric cryptography?
I was thinking of how to create an IV for a block cipher that doesn't require stored state, and I came up with the idea of using an HMAC of the (padded) plaintext and a (possibly distinct) key as the ...
0
votes
3
answers
759
views
Updating the secret key used for HMAC
I am designing a distributed system, composed by a set of physically distributed embedded devices (8 bit cores with less than 1 KB of RAM). The devices need to be able to authenticate the originator ...
5
votes
2
answers
4k
views
Combining two keys
What is the most secure way to combine two "random" keys X of size k (k ≤ 512 bits) and Y of size 512 bits in one key Z of size k?
Result Z will be used for encryption/decryption with various ...