What is HMAC for in TLS 1.3?

L

ld_nightshield2021-01-17 21:50:51

Encryption

ld_nightshield, 2021-01-17 21:50:51

Good afternoon,

The question is this - Why do we need HMAC in TLS 1.3?

I understand that this is an integrity check, but I do not understand why we need it when we use AES for encryption and our traffic is hidden. Even if the traffic is intercepted, essentially it will not be possible to replace our traffic, because our symmetric key on the server will not work when decrypting. And if our key is stolen, it doesn't cost anything for an attacker to assemble a packet from HMAC.

In general, the order of encryption and hashing is not entirely clear to me. A-->B-->C-->D.

Update:
Did some digging on the net and came to the conclusion -->
1) First the packet is hashed, then the tag is added to the packet itself, and then the packet is encrypted.
2) If in any way it is possible to decrypt the traffic, it will not be possible to change the traffic, because the hash will not go back and in this case we need the SHA key. Security may be lost, but integrity is preserved.

I also understand that this will protect against network problems. Though like it and so TCP is engaged.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

O

Ocelot, 2021-01-18
@Ocelot

Without HMAC, a message, for example, can be truncated from the end, and it will be decrypted correctly.