Cryptography Reference
In-Depth Information
(c) Suggest several different ways inwhich Alice could prevent the above attack
from occurring.
18
. Confidentiality and data origin authentication can be provided using separate
operations by either the encrypt-then-MAC or MAC-then-encrypt construc-
tions (see Section 6.3.6). However, a third possibility is to use the following
encrypt-and-MAC
construction:
• the message is encrypted;
• the MAC is computed on the full message;
• the ciphertext, the associated data and the MAC are sent to the receiver.
(a) Explain the process that the receiver follows to decrypt and check data
received using this construction.
(b) Compare this approach to the encrypt-then-MAC andMAC-then-encrypt
constructions.
19
. Some modes of operation have been proposed that provide both data origin
and confidentiality.
(a) What are the advantages of combining the provision of these two security
services in one cryptographic process?
(b) Identify some applications that use such a mode of operation.
(c) What are the possible disadvantages of using a combined mode of
operation, as opposed to implementing two separate securitymechanisms?
20
.
In this chapter we have seen several examples of cryptographic 'recycling'
(building cryptographic mechanisms from other cryptographic mechanisms).
This might make sense from an efficiency perspective, but to what extent do
you think it makes sense from a security perspective? (Present both a case 'for'
and a case 'against'.)
