Re: MD5-Hash of a SHA-1-Hash unsecure?



Well, I did not say it clearly enough.

David Gillett wrote:
> "Less secure" than what? I can't tell what the other side of
> the comparison is supposed to be.

Is it less secure to make an md5-hash of a sha-1-hash for the IV than
using the sha-1-hash for the IV? I do not know if this has an effect on
the entropy of the sha-1-hash or whatever. Is it easier to "crack" this
hash? This was my original thought.

I'm sorry that I asked with such unspecific information.


jason.gerfen@xxxxxxxxx wrote:
> So you're just using the md5 hash as a unique IV?
>
> It might be a bit more secure to use something like rand() for your IV.

Well, I use the hash because I need the IV for the decryption (or am I
wrong?) and I did not store this IV. So, when the user entered the
password for the decryption and this is wrong, the IV will also be wrong
and the file is useless after the decryption.


jason.gerfen@xxxxxxxxx wrote:
> If you were really going to do that correctly you would not transmit the sha1 hash at all. You could use that sha1 hash as a private key for the user (keep it stored on their machine as it is more secure than sending it over the wire)

I transfer the sha-1-hash over an ssl channel so it should not be easy
for a third person to listen on this transmission and get the sha-1-hash.

Thanks guys.

--

Andre Pawlowski

-------------------------------------------------------------------

Government is not the expression of the will of the people, but the expression of what a people will tolerate.
-Kurt Tucholsky
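
An added example, not code from this thread: it contrasts the password-derived IV discussed above with a random per-file IV kept in a cleartext header beside a password check tag, so a wrong password is rejected instead of yielding a useless file. The header layout, PBKDF2 parameters and function names are assumptions; the cipher call itself is left out and would take the returned key and IV.

```python
import hashlib, hmac, os

def derived_iv(password: bytes) -> bytes:
    # Scheme from the thread: IV = MD5(SHA-1(password)). Hashing the raw
    # digest is an assumption; the post does not say hex or raw bytes.
    return hashlib.md5(hashlib.sha1(password).digest()).digest()

def _keys(password: bytes, salt: bytes):
    # One PBKDF2 call yields an encryption key and a separate check key.
    okm = hashlib.pbkdf2_hmac("sha256", password, salt, 200_000, dklen=64)
    return okm[:32], okm[32:]

def new_header(password: bytes):
    """Return (header, key, iv); the header is written before the ciphertext."""
    salt, iv = os.urandom(16), os.urandom(16)  # fresh per file, not secret
    key, check_key = _keys(password, salt)
    tag = hmac.new(check_key, salt + iv, hashlib.sha256).digest()
    return salt + iv + tag, key, iv

def open_header(password: bytes, header: bytes):
    """Return (key, iv) for decryption, or raise ValueError on a bad password."""
    if len(header) != 64:
        raise ValueError("malformed header")
    salt, iv, tag = header[:16], header[16:32], header[32:]
    key, check_key = _keys(password, salt)
    expected = hmac.new(check_key, salt + iv, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or corrupted header")
    return key, iv

if __name__ == "__main__":
    pw = b"correct horse"  # constructed sample password
    # The derived IV depends only on the password, so every file reuses it.
    print("derived IV repeats:", derived_iv(pw) == derived_iv(pw))
    h1, k1, iv1 = new_header(pw)
    h2, _, iv2 = new_header(pw)
    print("random IVs differ:", iv1 != iv2)
    print("IV recovered from header:", open_header(pw, h1) == (k1, iv1))
```
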