Hi Nick, Use an HMAC.
Jeff On 6/25/09, Nick Aschberger <[email protected]> wrote: > > Hi Folks, > > I may be missing something in my use of the SHA1 algorithm, I am > hoping you can explain it to me. > > I have an unencrypted string, I make a function call like: > my_sha1_object.calculateDigest(outputdigest, inputstring, length); > > No problems there, my digest is created. > > > However, I am sending this information across a socket, so I'm > thinking that anyone can snoop my unencrypted string, > and assuming they were also using cryptopp sha algorithm, they would > easily be able to recreate the same digest. > > Am I wrong in thinking this is insecure - am I thinking about this > incorrectly? > > I've been wondering if there is some way to initialise the "state" of > the sha object with our own key/values, which would be secure, and > unrepeatable. > > I have looked in to the sha1.InitState function - this retrieves the > intial state - but how do you set it? > > Is the "transform" function what I am after? There is no documentation/ > usage guide/examples or even comments (or my google-fu is weak!) for > either InitState or Transform functions. > So, what are they for, and do they do what I want? > > thanks! > > > Nick Aschberger > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
