0

If I send the following response more than once to an untrusted party:

{c, v, HMAC(c + v)}

where c is the same value from response to response.
where v varies from response to response.
where + is a concatenation.

Does having the constant as the start of the HMAC input "weaken" the HMAC?

Is it safer to compute the HMAC with the varying argument first:

{c, v, HMAC(v + c)}

or perhaps doesn't matter?

Dave
  • 637
  • 6
  • 12
  • This question appears to be off-topic because it is a cryptography question unrelated to programming. [crypto.stackexchange.com](http://crypto.stackexchange.com/) may be a more appropriate venue. – President James K. Polk Sep 27 '14 at 12:13

1 Answers1

0

It doesn't matter. HMAC is designed specifically to address prefix attacks, among others.

Paul Lambert
  • 420
  • 3
  • 10