by theunixbeard 5122 days ago
The title is sort of linkbait, as in fact what it should say is "Never use hash functions vulnerable to extension attacks"... (And most common ones are.) With that said, this stuff is pretty cool, and after reading that the author learned all this in the Coursera Cryptography class I decided to sign up for it. (Starts June 11th.)

Although really, the maxim in the title is true. You should never use hash functions for authentication, you should use authentication codes.

As an analogy, you should never use a hammer to put in screws. That's not linkbait just because you have a tool that's a hammer on one end and a screwdriver on the other end.

I think the title is fairly accurate if you read it as "never use a hash when you need a MAC". MACs have nice provable security properties that you get for free, so you don't get surprises like extension attacks.
You can learn all that and more just by reading Applied Cryptography.
People that build crypto after reading Applied Cryptography are doing a fine job paying for my kids' college education, so I agree with you and encourage everyone to do likewise.

If you don't happen to like my kids, well, first, screw you, and secondly: buy _Practical Cryptography_ or _Cryptography Engineering_ (really the same book) and burn your copy of "Applied".

There's nothing wrong with Applied Cryptography so long as you _understand_ it. If you blindly apply outdated algorithms, yes, you lose. Everyone should read both Applied Cryptography _and_ the other books you mentioned, and keep up on the literature besides.
No, there's a lot wrong with _Applied Cryptography_, and those things have very little to do with the fact that AC writes about IDEA and not AES.

If you read _Practical Cryptography_, you don't need to read _Applied Cryptography_. AC is a book full of trivia, and of encyclopedia-style descriptions of random block ciphers with minimal attention given to the actual real-world attacks on implementations of those ciphers.

I strongly advise that you not waste time reading AC. If you're lucky, you can read it and just lose time; if you're unlucky --- and a lot of my clients have been --- you can find yourself having learned stuff you'll later need to unlearn.

Paging through my copy of AC, I think you're right. It'd been a while since I read it. PC is indeed the better book.
Even Schneier has somewhat acknowledged how toxic AC turned out to be.