Date:      Mon, 3 May 1999 06:18:11 -0400
From:      "Allen Smith" <easmith@beatrice.rutgers.edu>
To:        Pierre Beyssac <beyssac@enst.fr>, Robert Watson <robert@cyrus.watson.org>, 0x1c <nick@shibumi.feralmonkey.org>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: Blowfish/Twofish
Message-ID:  <9905030618.ZM1124@beatrice.rutgers.edu>
In-Reply-To: Pierre Beyssac <beyssac@enst.fr>        "Re: Blowfish/Twofish" (May  3,  5:05am)
References:  <Pine.BSF.3.96.990503020707.5183L-100000@fledge.watson.org>  <robert@cyrus.watson.org>  <9905030205.ZM6442@beatrice.rutgers.edu>  <19990503112154.A20922@enst.fr>

On May 3,  5:05am, Pierre Beyssac (possibly) wrote:
> On Mon, May 03, 1999 at 02:05:30AM -0400, Allen Smith wrote:
> > One can use any cryptographically secure one-way hash function as a
> > (secret key) encryption method. The procedure is as follows:
> > 
> > Sender and recipient have shared secret key K. They want to transmit
> > information I. Sender takes three-bit chunks (the most efficient size)
> > of information I, finds a random salt S of sufficient size for each
> 
> There's a simpler way that doesn't require you to compute several
> hashes for the same data: simply use your hash function as a
> pseudo-random generator using the key as a seed, then XOR the
> resulting stream with your data.
> 
> However, it seems using this scheme is not recommended by experts
> in the field, on the assumption that hash functions are not designed
> to withstand the same kind of attacks as cipher functions.

True... because what makes a cryptographically secure hash is:
	A. you can't figure out the input from the output; and
	B. the output is evenly distributed over the input space (it
	   isn't all clumped up).
Neither of these means that you can't figure out the output if you know
the input, or some portion of it (i.e., the previous output of the
hash function).

	-Allen

-- 
Allen Smith				easmith@beatrice.rutgers.edu
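
Added example, not part of the original message: a sketch of the point made in the reply above, that one-wayness does not stop anyone from computing a hash's output once its input is known. It assumes SHA-256 as the hash and a naive generator in which each keystream block is the hash of the previous block; the function names, the key and the sample message are constructed for illustration. The counter-based variant is included only as a contrast where this particular shortcut fails, not as a recommended cipher.

```python
import hashlib

BLOCK = 32  # SHA-256 output size in bytes (assumed hash for this example)

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def xor(a: bytes, b: bytes) -> bytes:
    # zip() stops at the shorter input, so a partial last block is handled
    return bytes(x ^ y for x, y in zip(a, b))

def chained_keystream(key: bytes, nblocks: int) -> bytes:
    """Assumed naive design: block 0 = H(key), block i = H(block i-1)."""
    out, state = [], H(key)
    for _ in range(nblocks):
        out.append(state)
        state = H(state)
    return b"".join(out)

def counter_keystream(key: bytes, nblocks: int) -> bytes:
    """Contrast: block i = H(key || i), so every hash input includes the key."""
    return b"".join(H(key + i.to_bytes(8, "big")) for i in range(nblocks))

def encrypt(keystream_fn, key: bytes, msg: bytes) -> bytes:
    nblocks = -(-len(msg) // BLOCK)  # ceiling division
    return xor(msg, keystream_fn(key, nblocks))

def recover_tail(ciphertext: bytes, known_first_block: bytes) -> bytes:
    """Known plaintext for block 0 gives keystream block 0; hash it forward.

    The key is never used: for the chained design, the previous output is
    the complete input to the next hash call.
    """
    ks = xor(ciphertext[:BLOCK], known_first_block)
    plain = b""
    for off in range(BLOCK, len(ciphertext), BLOCK):
        ks = H(ks)
        plain += xor(ciphertext[off:off + BLOCK], ks)
    return plain

def demo():
    key = b"constructed shared secret K"
    # Constructed message: a guessable 32-byte header, then a secret body.
    header = b"Subject: quarterly report\r\n\r\n".ljust(BLOCK, b" ")
    body = b"constructed secret body text, two blocks long.".ljust(2 * BLOCK, b".")
    msg = header + body
    weak = recover_tail(encrypt(chained_keystream, key, msg), header)
    strong = recover_tail(encrypt(counter_keystream, key, msg), header)
    return body, weak, strong
```

Calling `demo()` returns the real body, the body recovered from the chained construction, and the same procedure's output against the counter construction, which is unrelated to the body because the key is part of every hash input.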