From: "Frank Yellin" <fy@Eng>
To: <fy@Eng>, "Jan Luehe" <Jan.Luehe@Eng>, <java-security@java.sun.com>,
Subject: Security, oops.
Date: Mon, 8 Mar 1999 16:18:09 -0800
In-Reply-To: <000701be69c1$9eb46660$45b09081@schmutz.eng.sun.com>
Uh duh. . .
> The Handbook of Applied Cryptography writes: (p.33)
>
> Hash functions as discussed above are typically publicly known and
> involve no secret keys. . . . Related to these are hash functions which
> involve a secret key, and provide data origin authentication as well as
> data integreity; these are called message authentication codes.
>
> The Handbook of Applied Cryptography writes (p. 31)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Applied Cryptography, p. 31
>
> A message authentication code,. . . is a one-way hash function with the
> addition of a secret key.
>
> > See above. The particular secret-key algorithm is not relevant.
> > All the implementation does is call:
> >
> > secretKey.getEncoded()
>