This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "User talk:Jmanico"
From OWASP
m (MAC) |
m |
||
| Line 1: | Line 1: | ||
==Cryptographic Storage Cheat Sheet== | ==Cryptographic Storage Cheat Sheet== | ||
| − | Jim, I've been just looking at [[Cryptographic Storage Cheat Sheet]] and it's missing direct requirement on ensuring message integrity. It's kind of mentioned in the section on authenticated encryption modes, but without mentioning HMAC it's like describing Rolls-Royce without mentioning Ford :) And the problem seems to be wide-spread (as I've just wrote [http://ipsec.pl/node/1085 here]). [[User:Pawel Krawczyk|Pawel Krawczyk]] 21:47, 21 January 2013 (UTC) | + | Jim, I've been just looking at [[Cryptographic Storage Cheat Sheet]] and it's missing direct requirement on ensuring message integrity. It's kind of mentioned in the section on authenticated encryption modes, but without mentioning HMAC it's like describing Rolls-Royce without mentioning Ford :) And the problem seems to be wide-spread (as I've just wrote [http://ipsec.pl/node/1085 here]). I can add that, but wanted to coordinate with you first. [[User:Pawel Krawczyk|Pawel Krawczyk]] 21:47, 21 January 2013 (UTC) |
Revision as of 21:48, 21 January 2013
Cryptographic Storage Cheat Sheet
Jim, I've been just looking at Cryptographic Storage Cheat Sheet and it's missing direct requirement on ensuring message integrity. It's kind of mentioned in the section on authenticated encryption modes, but without mentioning HMAC it's like describing Rolls-Royce without mentioning Ford :) And the problem seems to be wide-spread (as I've just wrote here). I can add that, but wanted to coordinate with you first. Pawel Krawczyk 21:47, 21 January 2013 (UTC)
