Y
Hacker News
new
|
ask
|
show
|
jobs
by
meowface
4172 days ago
Or, from the inverse perspective: always authenticate and/or verify the integrity of data before processing it at all, whether that processing be decryption, string manipulation, or otherwise.
1 comments
StavrosK
4172 days ago
Which you can't do if the MAC is within the encrypted message.
link
meowface
4172 days ago
Of course. EtM is the only way to go. Just saying it can be applied to other areas, too.
link