cryptography - CBC-MAC decryption, how MAC works in encryption -


i figured out triple des encryption , decryption credit card. can 1 tell me how de-crypt cbc-mac...cbc-mac @ end give 4 byte mac. mac encryption, how work? mac doing?

once there encryption done through cbc-mac, how can de-crypt them? triple-des not work case.

another question here. have heard of decryption algorithm involves:

  • dukpt
  • tdes, and
  • mac variant (versus pin variant)

i have understanding of tdes , dukpt, how mac variant play role in decryption algorithm?

how mac variant different pin variant?

thank you!

i figured out triple des encryption , decryption credit card. can 1 tell me how de-crypt cbc-mac...cbc-mac @ end give 4 bit mac.

here's visual of how cbc mode works via wikipedia. cbc mode via wikipedia

what cbc-mac take last block of ciphertext output , calls mac. mac should size of block cipher not 4 bits. if you're using 3des 64 bits.

from mac encryption, how work? mac doing?

mac , encryption 2 separate things. i'll try give brief rundown of each.

  • encryption provides confidentiality, means (in symmetric crypto case) correct key can read contents of message.
  • mac provides integrity, means message has not been tampered somewhere between sender , recipient.

the reason macs exist if cannot read encrypted messages, can still possibly modify encrypted message without recipient knowing modified (this has caused sorts of nasty problems in real world). mac send along encrypted message. recipient first compute mac of encrypted message, , checks if matches mac sent encrypted message. if match recipient knows message not tampered with.

once there encryption done through cbc-mac, how can de-crypt >them? triple-des not work case.

if using 3des encrypt recommend first encrypting message (let's call c). i'd recommend using other cbc-mac because cbc-mac not provide security. i'd recommend use hmac compute mac encrypted message (hmac(c)). means you'll need 2 keys, 1 3des , 1 hmac. hmac supported in languages finding implementation shouldn't issue.

so in summary, take message m, compute 3des(m) = c, compute hmac(c) = t, , send (c, t) whoever receiving data. recipient compute hmac(c) = t', check t' == t, , if match compute 3des(c) = m original message. hope helps, quite bit of info, feel free ask clarify. :)


Comments

Popular posts from this blog

c# - Better 64-bit byte array hash -

webrtc - Which ICE candidate am I using and why? -

php - Zend Framework / Skeleton-Application / Composer install issue -