This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

To share info, Cryptography, Encrypt-then-MAC

======================================

( MAC == Message Authentication Code )

www.daemonology.net/.../2009-06-24-encrypt-then-mac.html

Having decided to use a composition of separate encryption and authentication primitives, there remain several options. The three most widely used are

Encrypt-and-MAC:
The ciphertext is generated by encrypting the plaintext and then appending a MAC of the plaintext. This is approximately how SSH works.
MAC-then-encrypt:
The ciphertext is generated by appending a MAC to the plaintext and then encrypting everything. This is approximately how SSL works.
Encrypt-then-MAC:
The ciphertext is generated by encrypting the plaintext and then appending a MAC of the encrypted plaintext. This is approximately how IPSEC works.

Of these three, only Encrypt-then-MAC is provably secure,

=========================================================

I found the above article by reading Gea-Suan Lin's BLOG this morning.

blog.gslin.org/.../

Gea-Suan Lin's BLOG is a Traditional Chinese blog. But you can ignore all the Traditional Chinese, just click the links that Gea-Suan Lin provided.

=========================================================

The above articles are complex and difficult for me, but it does provide some thoughts to me.