On Mon, May 07, 2001 at 09:09:37AM -0500, Scott Gregory Miller wrote:
> > > the key, which would make me feel better).
> >
> > So at the moment, the data to be encrypted always begins with a 2-byte
> > length field followed by the bytes of the crypto key, and we leave the
> > IV initialized to all zeroes.
> >
> > Is there any actual advantage in initializing the IV to some hash
> > function of the crypto key?
>
> Yeah, you don't have to stick it in the document, you could just put say 4
> bytes of the encrypted crypto key in the storables to verify that you have
> the correct key. I'm not certain, but it just makes me uncomfortable
> using the encryption key as the IV. Perhaps it doesnt matter for good
> ciphers, but why take the risk.
Ok, instead of starting off the Document-header with the crypto key itself,
let's start it with the SHA1 hash of the crypto key, so Document-header
looks like:
<2 bytes, byte length of crypto key hash, i.e. 0x0014>
<20 bytes crypto key hash>
<2 bytes, byte length of data length field>
<big endian data length>
<2 bytes, byte length of metadata length field>
<big endian metadata length>
Now if my limited understanding of crypto is correct, arranging it so
the plaintext to be encrypted begins with the hash of the crypto key
is just as good as initializing the IV with some hash function of
the crypto key, so we can leave the IV initialized to all zeroes,
right?
--
# tavin cole
#
# "The process of scientific discovery is, in effect,
# a continual flight from wonder."
# - Albert Einstein
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/devl
