@tqbf Isn't doing that a NIST standard thingy they say is ok? hmm
-
-
@BRIAN_____@marshray@kyhwana@tqbf I just gave you the proof! It's obviously secure if you believe well known proofs that hmac is a prf. -
@trevp__@marshray@kyhwana@tqbf I responded on the mailing list: https://moderncrypto.org/mail-archive/messaging/2014/001034.html … -
@BRIAN_____@trevp__@kyhwana@tqbf http://tools.ietf.org/html/rfc2104#section-5 … "A well-known practice with msg authentication codes is to truncate the output" -
-
-
@BRIAN_____@marshray@trevp__@kyhwana@tqbf Once you assume the underlying compression function is a PRF, you assume the rest from there. -
@justintroutman@BRIAN_____@marshray@trevp__@kyhwana@tqbf don't most HMAC security proofs have to assume underlying comp. fn is a PRF? -
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.