*Colin didn't flag this flaw.* To be fair, I didn't notice message extension att... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		cperciva on Sept 29, 2009 \| parent \| context \| favorite \| on: MD5 hash extension attack breaks API authenticatio... Colin didn't flag this flaw. To be fair, I didn't notice message extension attacks because AWS used an HMAC -- not a hash function -- and thus wasn't vulnerable. crypto primitives are radioactive. You are not going to get them right It doesn't take an expert cryptographer to know that if you want a MAC you should use a MAC.

tptacek on Sept 29, 2009 [–]

No, but apparently it takes better than Google can muster to implement that MAC in such a way that Nate Lawson can't extract secrets from it remotely. You will never win this argument.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact