On Wed, Apr 03, 2002 at 11:12:40PM -0700, James Yonan wrote: > > (b) Some kind of *optional* EVP method (so it doesn't break interoperability > with non-OpenSSL clients) that, given an EVP_CIPHER and key, will > deterministically mutate the key into a correct form.
Out of 2^56 DES keys, there are four weak keys and 12 semi-weak keys. The odds of getting a weak key are incredibly slight. Most people don't bother to check, and it isn't considered a security risk. Performing a transformation on semi-week keys seems like a bad idea compared to simply ignoring weak and semi-weak keys, because (in the case of DES) you've just made 16 keys twice as likely to be used. It's just as easy to test for 16 likely keys as it is to test for 16 semi-weak keys. Basically, you've just made the problem twice as bad (not that it was so bad in the first place). If you care about checking for weak keys, then you should simply generate a new key at random when you detect a weak key. Check for weakness before key agreement, period. John ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
