
When Alice and Bob both have the same shared secret to encrypt their data (Diffie-Hellman) and Alice encrypts her data with this key and Bob can decrypt it with the same key, then Bob knows that the message comes from Alice.

So why is HMAC still needed?

schroeder
Lars Laf
  • Bob also wants to make sure that integrity of cipher text is protected. HMAC isn't meant to be used for non-repudiation. Even if Alice has sent a message, she can deny sending that message and can claim that Bob himself has crafted it. – defalt Oct 09 '20 at 07:25
  • Similar to https://security.stackexchange.com/questions/33569/why-do-you-need-message-authentication-in-addition-to-encryption – mti2935 Oct 09 '20 at 11:29
  • Do you know what HMAC is for? – schroeder Oct 11 '20 at 12:31

0 Answers
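An added example, not part of the original question or its comments: it illustrates the ciphertext-integrity point from defalt's comment, showing that a modified ciphertext still decrypts cleanly under the shared key while an HMAC check over the ciphertext rejects it. The toy SHA-256 counter-mode cipher (a stand-in for a real stream cipher), the key labels, nonce, message and function names are all assumptions constructed for the illustration.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode); a stand-in for AES-CTR or ChaCha20.
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crypt(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call encrypts and decrypts.
    return xor(data, keystream(enc_key, nonce, len(data)))

def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    # Encrypt-then-MAC: the tag covers the nonce and the ciphertext.
    ct = crypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct, tag

def open_sealed(enc_key: bytes, mac_key: bytes, nonce: bytes, ct: bytes, tag: bytes):
    # Verify the tag in constant time before decrypting; None means "rejected".
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return crypt(enc_key, nonce, ct)

def demo():
    shared = b"constructed DH shared secret"             # constructed sample value
    enc_key = hashlib.sha256(b"enc" + shared).digest()   # simplified derivation; use HKDF in practice
    mac_key = hashlib.sha256(b"mac" + shared).digest()
    nonce = b"\x00" * 12                                 # fixed for the demo; must be unique per message
    ct, tag = seal(enc_key, mac_key, nonce, b"pay Carol 100")
    # A party without any key alters the last three ciphertext bytes in transit.
    tampered = ct[:-3] + xor(ct[-3:], xor(b"100", b"999"))
    without_mac = crypt(enc_key, nonce, tampered)        # decrypts "successfully"
    with_mac = open_sealed(enc_key, mac_key, nonce, tampered, tag)
    untouched = open_sealed(enc_key, mac_key, nonce, ct, tag)
    return without_mac, with_mac, untouched

if __name__ == "__main__":
    print(demo())
```

Bob's ability to decrypt says nothing about who produced the bytes he received or whether they were changed; only the tag check does, and, as the comment notes, it still does not give non-repudiation because Bob holds the same MAC key.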