Hello, Michael!
Your case with MAC address works only on one computer.
You will not be able to de-crypt message on other PC.
Best Regards,
Konstantin
----- Original Message -----
From: "Michael Hunley" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 12, 2003 7:38 PM
Subject: Re: encryption with pass-phrase
> You could consider using the passphrase as an AES key. I would require
the
> passphrase be at least 16 characters, preferably with non-standard words
> (use mixed case, numbers and symbols to avoid the dictionary attack). If
> it can be <16 there may be ways to secure it, still, depending on your
> situation. For instance, using the MAC address of the host PC to fill in
> the missing bytes if the host will always be the same for a given
passphrase.
>
> I think this would be secure, but would love to hear more knowledgable
> crypto people chime in on it.
>
> At 11:50 AM 9/11/2003 +0400, you wrote:
> >Hello again,
> >
> >I'm going to use following algorithm:
> >
> >key_size=0
> >string=pass-phrase
> >key_from_string=""
> >while(key_size < key_required_size)
> >{
> > key_from_string+=SHA1(string)
> > string+=key_from_string
> > key_size += 20 bytes
> >}
> >The obtained key_from_string is key for encryption.
> >
> >Is it secure to use following algorithm?
> >Does CryptoPP suggests something better?
> >
> >Best Regards,
> >Voronkov Konstantin
> >
> >----- Original Message -----
> >From: "Voronkov Konstantin" <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>
> >Sent: Wednesday, September 10, 2003 4:04 PM
> >Subject: encryption with pass-phrase
> >
> >
> > > Hello All!
> > >
> > > Is there a way to encrypt something with pass-phrase instead of key
> > > with CryptoPP 4.2? If not what is a standard and secure way for
> > > generating encryption key from pass-phrase?
> > >
> > > Best Regards,
> > > Voronkov Konstantin
> > >
>
