CS 465 Computer Security
BYU | Computer Science

Fall 2021

Section 1: TTh 3:30pm - 4:45pm - JFSB B092 (changed from MARB 130)

Homework #6

MAC then Encrypt? or Encrypt then MAC?

Read

https://moxie.org/2011/12/13/the-cryptographic-doom-principle.html

and refer to these as needed:

  • http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html
  • http://crypto.stackexchange.com/questions/5458/should-we-sign-then-encrypt-or-encrypt-then-sign
  • http://crypto.stackexchange.com/questions/202/should-we-mac-then-encrypt-or-encrypt-then-mac

Write a few paragraphs - no more than 2 pages, describing the issue at a level suitable for a non-crypto, but technical reader. (Your future boss? Grant funder?) Describe the issues, which order you would recommend doing in some system you were designing that needed both message authentication and encryption. Discuss Pros and Cons.

Write this to persuade someone to take your recommendation.

Submit

Submit a PDF on Learning Suite.