Confirmed users
471
edits
Identity/CryptoIdeas/02-Recoverable-Keywrapping: Difference between revisions
Identity/CryptoIdeas/02-Recoverable-Keywrapping (view source)
Revision as of 23:53, 13 September 2012
, 13 September 2012→Access Reliance Sets, Attack Costs
| Line 139: | Line 139: | ||
(we might omit the HMAC integrity check on WSUK, to avoid providing this | (we might omit the HMAC integrity check on WSUK, to avoid providing this | ||
oracle, in the hopes that SRP verifiers cost too much to create, and getting | oracle, in the hopes that SRP verifiers cost too much to create, and getting | ||
a plaintext/ciphertext pair is too hard. If we did this, | a plaintext/ciphertext pair is too hard. If we did this, corruption in the | ||
account server would not be detected until the user tried to decrypt data and | account server would not be detected until the user tried to decrypt data and | ||
failed) | failed) | ||