Re: hashing with a key

Fri, 01 Feb 2008 18:15:25 -0800 

HMAC should be at least as strong as the underlying hash function, but 
apparently it isn't much stronger. See the papers listed at 
http://www.cryptolounge.org/wiki/HMAC.

For the highest security, I suggest using HMAC/SHA-512 or HMAC/Whirlpool.

Do not hash the HMAC output with standard SHA. That doesn't help at all.

--------------------------------------------------
From: "mihailo" <[EMAIL PROTECTED]>
Sent: Wednesday, January 30, 2008 10:38 AM
To: "Crypto++ Users" <[EMAIL PROTECTED]>
Subject: Re: hashing with a key

>
> Of course, it is possible to hash the result with the standard SHA
> algorithm. Or, it is also possible to encrypt data with the given key
> and use hash over encrypted data.
>
> All in all, problem is solved.
>
> Thanks for useful advice.
>
> On Jan 30, 5:59 pm, mihailo <[EMAIL PROTECTED]> wrote:
>> Thanks, Jeffrey.
>>
>> Will it be much easier to crack than SHA-1 or SHA-2 ?
>>
>> On Jan 30, 5:45 pm, "Jeffrey Walton" <[EMAIL PROTECTED]> wrote:
>>
>> > Hi Mihailo,
>>
>> > Geoff is right on. Keep in mind the HMAC output ('keyed signature')
>> > will be the size of the cipher's block size (typically 64 or 128
>> > bits), rather than a conventional signature size. For example, 160
>> > bits (SHA-1) or 512 bits (Whirlpool).
>>
>> > Jeff
>>
>> > On 1/30/08, mihailo <[EMAIL PROTECTED]> wrote:
>>
>> > > Hello.
>>
>> > > I would like to know if there exists some hashing function that uses 
>> > > a
>> > > key for calculating a result. Or, is there any hash function H with
>> > > the following description : H(data, key1) does not produce the same
>> > > result as H(data, key2) ?
>>
>> > > Similar as encryption, but its result should not be reversible.
>>
>> > > Thanks in advance,
>> > > Mihailo
> > 


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to [EMAIL PROTECTED]
More information about Crypto++ and this group is available at 
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Reply via email to