TLS uses key exchange, authentication, encryption and message authentication. How relevant is the message authentication if identity has already been established through authentication and encryption is safeguarding the data?
Say for example, message data is encrypted and changed in transit. Wouldn't the recipient then decrypt the changed data and receive junk text and therefore know it can't use the data? Is message authentication such as HMAC then also failing because the data has been changed in transit still necessary?
No comments:
Post a Comment