5.7 KNOW THY WEAKNESS

Encrypt-Then-MAC is the recommended approach to combining encryption and MACs. However, it is good to understand all three approaches. If nothing else, if you ever have to maintain code you did not write, or have to be compatible with legacy systems, you may encounter this in the future. Modify your (highly recommended) Encrypt-Then-MAC system to create a MAC-Then-Encrypt variant. Finally, create a Encrypt-And-MAC version as well.

---

I feel like, if you understand the previous exercise, this one should be easy.

But the following, are things to recall:

1. Encrypt-Then-MAC: Encrypt the plaintext. Then apply the MAC over the ciphertext. (This is what we did in the previous exercise.)

2. MAC-Then-Encrypt: Perform the MAC on the plaintext. Then you encrypt both the plaintext & the MAC.

3. Encrypt-And-MAC: Perform the MAC on the plaintext. Then you send the ciphertext and MAC. MAC is not encrypted.