Re: Triple DES 192-bit key from shorter md5 hash value

From: Andreas Augustine (AndreasAugustine_at_discussions.microsoft.com)
Date: 10/11/04 

Date: Sun, 10 Oct 2004 23:17:02 -0700

Thanks!
Exactly what I was looking for, works excelent!!!

/Andreas

"Ryan Menezes [MSFT]" wrote:

> It goes through a process of expanding the hash to the key size requested.
>
> Let n be the required derived key length in bytes. The derived key is the
> first n bytes of the hash value after the hash computation has been
> completed by CryptDeriveKey. If the required key length is longer than the
> hash value, the key is derived as follows:
> 1. Form a 64-byte buffer by repeating the constant 0x36 64 times. Let k be
> the length of the hash value represented by the input parameter hBaseData.
> Set the first k bytes of the buffer to the result of an XOR operation of the
> first k bytes of the buffer with the hash value represented by the input
> parameter hBaseData.
> 2. Form a 64-byte buffer by repeating the constant 0x5C 64 times. Set the
> first k bytes of the buffer to the result of an XOR operation of the first k
> bytes of the buffer with the hash value represented by the input parameter
> hBaseData.
> 3. Hash the result of step 1 using the same hash algorithm as that used to
> compute the hash value represented by the hBaseData parameter.
> 4. Hash the result of step 2 using the same hash algorithm as that used to
> compute the hash value represented by the hBaseData parameter.
> 5. Concatenate the result of step 3 with the result of step 4.
> 6. Use the first n bytes of the result of step 5 as the derived key.
>
> --
> Thanks,
> Ryan Menezes [MS]
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> "Andreas Augustine" <AndreasAugustine@discussions.microsoft.com> wrote in
> message news:7F64E2A0-B2D8-459C-8C99-9ED3BB827313@microsoft.com...
> > Hi, I'm trying to figure how "Microsoft Enhanced Cryptographic Provider"
> > generates a 192-bit session key from a md5 hashvalue (128-bits). Is there
> > anyone knows how its done?
> >
> > When I use ordinary DES with a md5hash as key it uses the first 8 bytes,
> > when I'm using DES3_128 it uses the whole 16 bytes...but what does it do
> > when using the full 192-bit DES3.
> >
> > I guess I could generate the full key myself but it would be interesting
> to
> > know how its done by default by Microsoft.
> >
> > Thx!
> > /Andreas
>
>
>

Relevant Pages

  • Re: Triple DES 192-bit key from shorter md5 hash value
    ... It goes through a process of expanding the hash to the key size requested. ... Let n be the required derived key length in bytes. ... the length of the hash value represented by the input parameter hBaseData. ... Set the first k bytes of the buffer to the result of an XOR operation of the ...
    (microsoft.public.platformsdk.security)
  • Re: SHA-1 vs. triple-DES for password encryption?
    ... crypt() and md5 crypt. ... several ways to turn a block cipher into a non-reversible hash ... You *need* to make sure to have reasonable salts. ... Store the salt and the derived key, ...
    (SecProg)
  • Re: An old gem - private key encryption
    ... CAPI will NOT allow you to 'sign' and arbitrary buffer - it allows only to ... So what you need to do is HASH your data THEN sign the hash. ... anybody can decrypt it anyway (assuming the public key is public). ...
    (microsoft.public.platformsdk.security)
  • Re: Once again: Rolling Frame!
    ... Once again thank you for all for your help with my "rolling frame" in ... I need once more your help in creating a multi-level hash like ... # buffer up $size lines ... print Dumper \%lines; # for debugging ...
    (comp.lang.perl.misc)
  • Re: AES 256 based key derivation function.
    ... RootKey and Derived Key are 256 bits, and Public Value could be up to ... AES invocations. ... even if an attacker had to try all the ... Assuming we have a hash function that output 256 bits hash ...
    (sci.crypt)
Quantcast