From nobody Sat Jan 30 13:44:10 2021
Authentication-Results: mail-b.sr.ht; dkim=none
Received: from mail.nullprogram.com (mail.nullprogram.com [192.241.191.137])
	by mail-b.sr.ht (Postfix) with ESMTPS id 3F22E11F00D
	for <~skeeto/public-inbox@lists.sr.ht>; Sat, 30 Jan 2021 13:44:10 +0000 (UTC)
Received: from nullprogram.com (localhost [127.0.0.1])
	by mail.nullprogram.com (Postfix) with ESMTPS id C35EFC71D5;
	Sat, 30 Jan 2021 08:44:09 -0500 (EST)
Date: Sat, 30 Jan 2021 08:44:01 -0500
From: Christopher Wellons
To: Dimitrije Erdeljan
Cc: ~skeeto/public-inbox@lists.sr.ht
Subject: Re: Single-primitive authenticated encryption for fun
Message-ID: <20210130134401.m4n6bt47genqsjkj@nullprogram.com>
References: <5b3ef28a-c8b7-2835-9a56-6968aca5606c@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <5b3ef28a-c8b7-2835-9a56-6968aca5606c@gmail.com>
User-Agent: NeoMutt/20170113 (1.7.2)

Thanks, Dimitrije! I've learned something new, so my exercise continues to serve its purpose. My mistake seems really obvious after having it spelled out.

Alternative to your suggested fix, it seems HMAC would have rescued this MAC as well. I'd have been better off skipping the "swap" trick altogether and just relying on that.