Re: Maybe a stupid question regarding input output fed hash algorithms
jonas.t_at_bredband.net
Date: 08/22/03
- Next message: Douglas A. Gwyn: "Re: homomorphic encryption"
- Previous message: Marcel Martin: "Re: public-private key confusion"
- In reply to: Tom St Denis: "Re: Maybe a stupid question regarding input output fed hash algorithms"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 22 Aug 2003 06:33:38 +0200
"Tom St Denis" <tomstdenis@yahoo.com> wrote in the message
news:c8016437.0308211116.6f879f5f@posting.google.com...
> <jonas.t@bredband.net> wrote in message
news:<wwZ0b.67885$zL.288@news1.bredband.com>...
> > If i feed MD5 with another MD5 output e.g 128 bit.
>
> First off, why would you do that?
To create a pseudo random stream from a plain password and MD5 that could
directly encipher the plaintext without any other cipher.
> > Is it possible to backtrack the original 128 bit string, is the output from
> > MD5 carrying such features that will make it possible to reverse a
> > stream/chain of MD5 fed loop.
>
> You only make the design weaker though. MD5 is obviously not an
> invertible function so applying it twice only *lowers* the entropy of
> the output.
Actually i am not going to feed the output into the same input buffer so it
won't lower the entropy as long as an MD5 string works as well as any other
output string; i was worried that using MD5 strings as input could
create *patterns* within the output.
> If you wanted to strengthen the design you would add more
> rounds to it [or just use a SHA hash].
I am not sure we are talking about the same thing; i wasn't thinking in terms
of password generation, i was talking about generating a pseudo random stream to
use directly on the plaintext with just a xor.
> > Of course i realise that such a chain of linear input output doesn't make
> > sense to use in a stream cipher.
> > However if i start out with three MD5 buffers and let the outputs/inputs
> > rotate between the buffers and only use one of the output buffers for use as
> > a linear streamcipher, do MD5 carry such features that it is possible to
> > reverse it *if you know* that it is fed by a MD5 string.
> This all sounds interestingly stupid. The most common way to make a
> stream cipher from a hash is a CTR mode e.g.
>
> C[i] = P[i] xor H(IV || key || i)
Well i really don't know about the notation but i was thinking in terms of
expkey1="hello"
expkey2="world"
expkey3="of tom st dennis"
i=0;
while not eof {
    /* hash all three buffers */
    one=MD5key(expkey1);
    two=MD5key(expkey2);
    three=MD5key(expkey3);
    /* rotate the three outputs back into the input buffers */
    expkey1=three;
    expkey2=one;
    expkey3=two;
    /* only 'one' is used as keystream, xored onto the plaintext block */
    C[i]=P[i]^one;
    i++;
}
> Of course such a construction is typically fairly slow.
It is faster than TEA in javascript but i guess that doesn't say much.
> > I also wonder if this kind of rotating input output buffers could be used to
> > create streams from other hash algorithms.
>
> Probably but until you formalize your idea nobody will care. If you
> build it, they will come!
As i said (only javascript you know ;) fast and funky to throw together.
> Fields of dreams [over Z....stupid math nerds on campus! damn you!]
>
> > Maybe it is altogether a very bad idea overall but if so i would like to
> > know why, i'm a bit clueless since it seems like a good idea to me.
>
> That's part and parcel of the problem. I couldn't tell you outright
> what is exactly wrong with it other than it's overly complicated and
> hasn't been studied much before [in your context, CTR mode has been
> around forever].
I guess i will have to check up on CTR mode then, but i really do not see how it
could be complicated: 6 lines of code added to MD5 to make it a working
streamcipher, what is so complicated about it?
> Tom
Why don't you just throw the lines in within one of your implementations
just to check it out.
I mean it seems simple and foolproof to me as long as the hash algorithm isn't
reversible and doesn't leave patterns between input and output.
JT
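Added example, not code from either poster: a small Python model of the two constructions in this thread, JT's three-buffer MD5 rotation and the CTR-style keystream Tom describes, with a check that shows the property JT asks about. In the rotating scheme every buffer is simply iterated through MD5, so keystream block i+3 is MD5 applied three times to block i, and one known keystream block is enough to extend the stream without the passwords; the CTR form keeps the key inside the hash input and has no such relation. The IV and key values are constructed for the demonstration.

```python
import hashlib

# Added example (not from the thread). Models the two constructions under
# discussion: JT's three-buffer MD5 rotation and Tom's CTR-style keystream.
# Key and IV values used below are constructed for the demonstration.


def md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def rotating_keystream(k1: bytes, k2: bytes, k3: bytes, blocks: int) -> list:
    """JT's loop: hash the three buffers, rotate them, emit 'one' each round."""
    e1, e2, e3 = k1, k2, k3
    out = []
    for _ in range(blocks):
        one, two, three = md5(e1), md5(e2), md5(e3)
        e1, e2, e3 = three, one, two        # the rotation from the post
        out.append(one)                     # only 'one' is XORed with plaintext
    return out


def ctr_keystream(iv: bytes, key: bytes, blocks: int) -> list:
    """Tom's CTR-style stream: block i is H(IV || key || i)."""
    return [md5(iv + key + i.to_bytes(4, "big")) for i in range(blocks)]


def predict_from_block(block: bytes) -> bytes:
    """Rotating scheme only: block i+3 == MD5(MD5(MD5(block i))), because each
    buffer is just iterated through MD5 and lands back in 'one' every third
    round. A single known keystream block therefore extends the stream."""
    return md5(md5(md5(block)))


def keystream_is_forward_predictable(stream: list) -> bool:
    """True when every block i+3 is derivable from block i alone."""
    return all(predict_from_block(stream[i]) == stream[i + 3]
               for i in range(len(stream) - 3))


def xor_encrypt(plaintext: bytes, stream: list) -> bytes:
    """C[i] = P[i] ^ keystream, as in both posts; keystream must cover the data."""
    ks = b"".join(stream)
    if len(ks) < len(plaintext):
        raise ValueError("not enough keystream blocks for this plaintext")
    return bytes(p ^ k for p, k in zip(plaintext, ks))


if __name__ == "__main__":
    rot = rotating_keystream(b"hello", b"world", b"of tom st dennis", 8)
    ctr = ctr_keystream(b"constructed-iv", b"hello", 8)
    print("rotating scheme forward-predictable:", keystream_is_forward_predictable(rot))
    print("CTR scheme forward-predictable:", keystream_is_forward_predictable(ctr))
```

Note also that the rotating scheme has no IV: the same three passwords always give the same keystream, so two messages under one password set are XORed with identical key material, which the CTR form avoids by varying the IV.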