Thanks you all for help,
I'll use Mash instead my algorithm.
I'll write in documentation the requirements for user
pass-phrases (length, well-known phrases, etc),
and I'll also write that almost all pass-phrases produces
secure insufficient for encryption key.
Best Regards,
Konstantin
----- Original Message -----
From: "Guy Smith" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 12, 2003 1:51 AM
Subject: Re: encryption with pass-phrase
> I gotta stop posting at the end of the day. Of course your algorithm
*does*
> use the full passphrase. I'd still recommend Mash, though.
>
> ----- Original Message -----
> From: "Guy Smith" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, September 11, 2003 5:46 PM
> Subject: Re: encryption with pass-phrase
>
>
> > I'd suggest looking at the "Mash" function instead. You can find it in
> the
> > file "default.cpp" in the crypto distribution. The reason I suggest
that
> is
> > because what you're proposing here doesn't benefit from long
passphrases;
> if
> > you're using a typical 128-bit AES key, for example, it would only use
the
> > first 20 bytes of the passphrase, no matter what, and then it would trim
> the
> > resulting hash to 16 bytes. While I can't tell if the second operation
> will
> > always reduce the entropy of your key, the first operation certainly
> would.
> > In other words, the algorithm you list below is insecure, because it
does
> > not use the entire keyspace available to it. Dictionary attacks are
still
> > possible.
> >
> > --Guy
> >
> > ----- Original Message -----
> > From: "Voronkov Konstantin" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Thursday, September 11, 2003 3:50 AM
> > Subject: Re: encryption with pass-phrase
> >
> >
> > > Hello again,
> > >
> > > I'm going to use following algorithm:
> > >
> > > key_size=0
> > > string=pass-phrase
> > > key_from_string=""
> > > while(key_size < key_required_size)
> > > {
> > > key_from_string+=SHA1(string)
> > > string+=key_from_string
> > > key_size += 20 bytes
> > > }
> > > The obtained key_from_string is key for encryption.
> > >
> > > Is it secure to use following algorithm?
> > > Does CryptoPP suggests something better?
> > >
> > > Best Regards,
> > > Voronkov Konstantin
> > >
> > > ----- Original Message -----
> > > From: "Voronkov Konstantin" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Wednesday, September 10, 2003 4:04 PM
> > > Subject: encryption with pass-phrase
> > >
> > >
> > > > Hello All!
> > > >
> > > > Is there a way to encrypt something with pass-phrase instead of key
> > > > with CryptoPP 4.2? If not what is a standard and secure way for
> > > > generating encryption key from pass-phrase?
> > > >
> > > > Best Regards,
> > > > Voronkov Konstantin
> > > >
> > >
> >
>
