Re: encryption with pass-phrase

Thu, 11 Sep 2003 14:48:01 -0700 

I gotta stop posting at the end of the day.  Of course your algorithm *does*
use the full passphrase.  I'd still recommend Mash, though.

----- Original Message ----- 
From: "Guy Smith" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, September 11, 2003 5:46 PM
Subject: Re: encryption with pass-phrase


> I'd suggest looking at the "Mash" function instead.  You can find it in
the
> file "default.cpp" in the crypto distribution.  The reason I suggest that
is
> because what you're proposing here doesn't benefit from long passphrases;
if
> you're using a typical 128-bit AES key, for example, it would only use the
> first 20 bytes of the passphrase, no matter what, and then it would trim
the
> resulting hash to 16 bytes.  While I can't tell if the second operation
will
> always reduce the entropy of your key, the first operation certainly
would.
> In other words, the algorithm you list below is insecure, because it does
> not use the entire keyspace available to it.  Dictionary attacks are still
> possible.
>
> --Guy
>
> ----- Original Message ----- 
> From: "Voronkov Konstantin" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, September 11, 2003 3:50 AM
> Subject: Re: encryption with pass-phrase
>
>
> > Hello again,
> >
> > I'm going to use following algorithm:
> >
> > key_size=0
> > string=pass-phrase
> > key_from_string=""
> > while(key_size < key_required_size)
> > {
> >  key_from_string+=SHA1(string)
> >  string+=key_from_string
> >  key_size += 20 bytes
> > }
> > The obtained key_from_string is key for encryption.
> >
> > Is it secure to use following algorithm?
> > Does CryptoPP suggests something better?
> >
> > Best Regards,
> > Voronkov Konstantin
> >
> > ----- Original Message ----- 
> > From: "Voronkov Konstantin" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Wednesday, September 10, 2003 4:04 PM
> > Subject: encryption with pass-phrase
> >
> >
> > > Hello All!
> > >
> > > Is there a way to encrypt something with pass-phrase instead of key
> > >  with CryptoPP 4.2? If not what is a standard and secure way for
> > >  generating encryption key from pass-phrase?
> > >
> > > Best Regards,
> > > Voronkov Konstantin
> > >
> >
>

Reply via email to