[cryptography] "stream MAC" - does anything like it exist?
chris at noncombatant.org
Sun Sep 12 21:15:13 EDT 2010
James A. Donald writes:
> What he wants is the that probability is cumulative - that each short
> field not only validates the latest packet, but strengthens the
> probability that all previous accepted packets were correct.
Schneier and Kelsey described a potentially-similar-enough technique:
In their case, they were verifying the integrity of a sequence of log
entries instead of media frames. But maybe that is close enough to Travis'
problem to be of use.
I agree with Bellovin that truncating the MAC is of little benefit except in
bandwidth-constrained applications --- truncating the MAC decreases its
protective power. There may be situations in which it's a fine trade-off, of
This survey paper has more references:
More information about the cryptography