什么实现允许我检测失败的HMAC验证以检测主动攻击？

这是一个C# MAC code sample，可以修改它以在身份验证失败时进行警报或记录。这是不应该使用的一个不完整的样品AS-IS，因为其他很多细节需要落实Authenticate-then-Encrypt (AtE)或Encrypt-then-Authenticate (EtA)

之前被认为这将是很好知道什么性能计数器，日志文件，或DLL exception涉及到这错误。我将调查BouncyCastle以查看相应的例外情况。

// Compares the key in the source file with a new key created for the data portion of the file. If the keys 
// compare the data has not been tampered with. 
public static bool VerifyFile(byte[] key, String sourceFile) 
{ 
    bool err = false; 
    // Initialize the keyed hash object. 
    using (HMACSHA1 hmac = new HMACSHA1(key)) 
    { 
     // Create an array to hold the keyed hash value read from the file. 
     byte[] storedHash = new byte[hmac.HashSize/8]; 
     // Create a FileStream for the source file. 
     using (FileStream inStream = new FileStream(sourceFile, FileMode.Open)) 
     { 
      // Read in the storedHash. 
      inStream.Read(storedHash, 0, storedHash.Length); 
      // Compute the hash of the remaining contents of the file. 
      // The stream is properly positioned at the beginning of the content, 
      // immediately after the stored hash value. 
      byte[] computedHash = hmac.ComputeHash(inStream); 
      // compare the computed hash with the stored value 

      for (int i = 0; i < storedHash.Length; i++) 
      { 
       if (computedHash[i] != storedHash[i]) 
       { 
        err = true; 
       } 
      } 
     } 
    } 
    if (err) 
    { 
     Console.WriteLine("Hash values differ! Signed file has been tampered with!"); 
     // 
     // 
     // <-------- This is where the MAC alerting would go 
     // 
     // 

     return false; 
    } 
    else 
    { 
     Console.WriteLine("Hash values agree -- no tampering occurred."); 
     return true; 
    } 

} //end VerifyFile 

验证器无法确定密码是否有效的任何方法。唯一不会让您提醒和报告失败的身份验证尝试的方案是身份验证尝试可能会绕过服务器的方案。

例如，如果认证者是一个AES密钥（可以从密码或密码生成），只需挑战认证代理来加密或解密随机的128位字符串。攻击者得到的是一个随机的128位字符串。因此，要尝试查看某个特定密码是否有效，他必须将回复发送给您，并且您可以记录一个不正确的密码。