0

If I understand correctly MAC makes sure that the encrypted message isn't altered, so I presume signing the message with for example ed25519 would do the job too. Am I right?

lixkel
  • 1
  • Can we call this dupe of this What is the advantage of digital signatures over message authentication codes? – kelalaka Nov 24 '20 at 21:03
  • If you explain your actual case, you might get a better response, As your key-exchange, your encryption algorithm, and mode of operation. And, may be you need the non-repudiation or not. – kelalaka Nov 24 '20 at 21:10
  • I'm making very simple blockchain where transactions would be messages, as addresses I would use ed25519 public keys and i would want to implement encryption to those messages. I'm thinking of making key-exchange with x25519 then use the key for aes256 and I wonder if I need MAC if every message wold be signed by senders private key. I hope I make at least a little sense. – lixkel Nov 24 '20 at 21:36
  • The linked question provides the answer to your main question. Signature is fine for you Also, read this Should we sign-then-encrypt, or encrypt-then-sign? – kelalaka Nov 24 '20 at 22:01
  • @kelalaka I don't know if those links except the last apply. The question is whether we need to MAC if we are signing the message. The OP should clarify whether they really mean signing the message, as it isn't clear whether they merely wish to use eliptic curves for key exchange based on the last comment. Using it as (an albeit wonderful form of) key exchange to encrypt with AES is neither a signature nor authentication. – Modal Nest Nov 24 '20 at 22:39
  • @ModalNest my understanding from the comments, signed by senders private key, MAC is not using a private key. In the question altered is integrity, so the OP can do this with signature only. What I see, X25519 key exchange, KDF to derive AES Key, sign with ed25519 then encrypts. – kelalaka Nov 24 '20 at 22:45
  • @kelalaka Every message will be encrypted with AES256 and then signed with senders ed25519 private key to ensure integrity and then the whole message with signature will be sent to network. And thanks for links. – lixkel Nov 24 '20 at 23:37

0 Answers0