Date: Mon, 3 May 1999 11:21:54 +0200 From: Pierre Beyssac <beyssac@enst.fr> To: Allen Smith <easmith@beatrice.rutgers.edu>, Robert Watson <robert@cyrus.watson.org>, 0x1c <nick@shibumi.feralmonkey.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Blowfish/Twofish Message-ID: <19990503112154.A20922@enst.fr> In-Reply-To: <9905030205.ZM6442@beatrice.rutgers.edu>; from Allen Smith on Mon, May 03, 1999 at 02:05:30AM -0400 References: <Pine.BSF.3.96.990503020707.5183L-100000@fledge.watson.org> <robert@cyrus.watson.org> <9905030205.ZM6442@beatrice.rutgers.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 03, 1999 at 02:05:30AM -0400, Allen Smith wrote: > One can use any cryptographically secure one-way hash function as a > (secret key) encryption method. The procedure is as follows: > > Sender and recipient have shared secret key K. They want to transmit > information I. Sender takes three-bit chunks (the most efficient size) > of information I, finds a random salt S of sufficient size for each There's a simpler way that doesn't requires you to compute several hashes for the same data: simply use your hash function as a pseudo-random generator using the key as a seed, then XOR the resulting stream with your data. However, it seems using this scheme is not recommended by experts in the field, on the assumption that hash functions are not designed to withstand the same kind of attacks as ciphers functions. -- Pierre Beyssac pb@enst.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990503112154.A20922>