Re: 160-bit key limit
- From: yawnmoth <terra1024@xxxxxxxxx>
- Date: Thu, 12 Jul 2007 19:45:47 -0000
On Jul 12, 3:01 am, Simon Tatham <ana...@xxxxxxxxx> wrote:
yawnmoth <terra1...@xxxxxxxxx> wrote:Hmmm. What, then, is the difference between aes256-cbc or aes192-
I thought that the maximum key size was whatever the modulo for the
diffie-hellman key exchange was. If you're using diffie-hellman-
group1-sha1, that'd be 1024 bits. I don't see where SHA-1 factors
into it.
SHA-1 is used _after_ the key exchange, to convert the output of the
key exchange into the session keys used to do the actual bulk
symmetric data encryption. (This is the meaning of `sha1' in the key
exchange method name you quote.)
cbc? My guess would be that the 160 bits of the SHA-1 hash are
repeated in both cases.
I'd look in the relevant RFC (4253), but didn't see anything about
this at all. Maybe it was deleted with a newer revision? Such things
wouldn't be unprecedented, as this post elaborates:
http://groups.google.com/group/comp.security.ssh/msg/7e7e121da0dddd53
.
- Follow-Ups:
- Re: 160-bit key limit
- From: Ben Harris
- Re: 160-bit key limit
- References:
- 160-bit key limit
- From: yawnmoth
- Re: 160-bit key limit
- From: Simon Tatham
- 160-bit key limit
- Prev by Date: Re: The scp protocol
- Next by Date: Re: The scp protocol
- Previous by thread: Re: 160-bit key limit
- Next by thread: Re: 160-bit key limit
- Index(es):
Relevant Pages
|
|
