[cryptography] Key Checksums (BATON, et al)
pgut001 at cs.auckland.ac.nz
Wed Mar 27 23:50:44 EDT 2013
Jeffrey Walton <noloader at gmail.com> writes:
>What is the reason for checksumming symmetric keys in ciphers like BATON?
>Are symmetric keys distributed with the checksum acting as a authentication
>tag? Are symmetric keys pre-tested for resilience against, for example,
>chosen ciphertext and related key attacks?
For Type I ciphers the checksumming goes beyond the simple DES-style error
control, it's also to ensure that if someone captures the equipment they can't
load their own, arbitrary keys into it.
More information about the cryptography