I think I'm missing something really basic here. If you encrypt-then-mac, what i... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		lisper on June 25, 2009 \| parent \| context \| favorite \| on: Encrypt-then-MAC I think I'm missing something really basic here. If you encrypt-then-mac, what is to prevent an attacker from appending a valid MAC to a forged ciphertext (in order to mount a DOS attack for example)?

cperciva on June 25, 2009 [–]

A MAC is a keyed hash -- you can only compute it if you have the MAC key.

lisper on June 25, 2009 | [–]

Ah. Thanks. I knew I was missing something basic :-)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact