Here's a classic - not understanding the implications of encrypt-then-mac vs mac... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		markc on Aug 30, 2020 \| parent \| context \| favorite \| on: So you want to roll your own crypto? Here's a classic - not understanding the implications of encrypt-then-mac vs mac-then-encrypt. https://crypto.stackexchange.com/questions/202/should-we-mac...

tzs on Aug 30, 2020 [–]

If speed was not an issue and you don't mind having to have 3 keys, could you cover all the bases by doing MAC-then-encrypt, then treat that as cleartext and do encrypt-and-MAC on that, and finally treat the result of that as cleartext and do encrypt-then-MAC on that to get the final thing you send?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact