* [EMAIL PROTECTED] wrote on Fri, May 30, 2008 at 06:51 -0500:
> Back in the day, DES was the de facto encryption algorithm.
[...]
> In an ideal world, I think the system should throw an exception
> then and let the calling application feed it another key.
> However, I think the general consensus was that we should just
> ignore it.
I don't know what the general consensus was, but applications
I know do not ignore this situation but handle it by actively
rejecting it. Do you meant this by `ignore'?
I think best is to consider a weak or semi-weak [3-]DES[1] key as
a [3-]DES key acceptable and thus refuse to generate, store or
use it[2]. In practice usually it shouldn't be a big deal to iterate
a 16 elements table at key generation, which probably usually is
much more expensive.
So to say that DES is not defined / allowed for those numbers
(keys). I think it is a little like division by zero: it simply
cannot be done.
BTW, testing that can be difficult and probably needs special
considerations (e.g. some test driver with special `PRNG without
random' generating bits that lead to a weak key to check if the
generator correctly detects and refuses it).
oki,
Steffen
[1] A 3DES key with one weak or semi-weak key half should be
considered weak (not essentially stronger than single DES).
[2] http://en.wikipedia.org/wiki/Weak_key tells as a main
countermeasure: `Checking generated keys against a list of
known weak keys, or building rejection of weak keys into the
key scheduling.'
About Ingenico Throughout the world businesses rely on Ingenico for secure and
expedient electronic transaction acceptance. Ingenico products leverage proven
technology, established standards and unparalleled ergonomics to provide
optimal reliability, versatility and usability. This comprehensive range of
products is complemented by a global array of services and partnerships,
enabling businesses in a number of vertical sectors to accept transactions
anywhere their business takes them.
www.ingenico.com This message may contain confidential and/or privileged
information. If you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose or take any action based on this
message or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this message.
Thank you for your cooperation.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
