![]() ![]() So the answer is no, the MAC is not secure. And so my question to you is whether the resulting MAC is secure. In other words we take the last block and just add zeros to it until the last block becomes as long as one full block size. So the solution of course is to pad the message and the first pad that comes to mind is to simply pad the message with all zeros. So here we have a message where the last block actually is shorter than the full block and the question is how to compute the ECBC-MAC in that case. And the question is what to do when the message length is not a multiple of the block size. But in the last segment, we always assumed that the message itself could be broken into an integer number of blocks for the block cipher. So recall that the encrypted CBC mac or ECBC-MAC for short uses pseudorandom permutation F to actually compute the CBC function as we discussed in the last segment. In this segment, we're going to see what to do when the message length is not a multiple of the block size. In the last segment we talked about the CBC-MAC and the NMAC, but throughout the segment we always assumed that the message length was a multiple of the block size.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |