Yоur cоlleаgue knew thаt Encrypt-аnd-Mac dоes not always yield a secure authenticated encryption scheme, even if the base encryption and MAC schemes are secure. For example, if a deterministic MAC is used, then two encryptions of equal messages will have equal parts. Therefore, he proposed to encrypt and MAC the message concatenated with a random string. Namely, a ciphertext is computed as follows for a random R (picked at random for each message):We assume that the message spaces for encryption and MAC can easily accommodate extra strings. Verification is defined accordingly. Convince your manager that your colleague’s generic composition proposal is not good security-wise. Your argument does not have to be formal, but it has to be convincing.