Re: $10,000 CertainKey Challange Awarded

tomstdenis_at_gmail.com
Date: 02/22/05


Date: 22 Feb 2005 01:21:49 -0800


WinTerMiNator wrote:
> Thank you Tom.
>
> Is my other proposal stronger:
> <quote>
> - "Square" any hash function:
> * take hash of file
> * use hash as a key for RC4 cipher and cipher file
> * take hash of cipher file
> * concatenate hash of clearfile + hash of cipherfile.
> </quote>
>
> I think it seems to resist the "iterative hash function" attack as you
> describe it.

This seems a bit harder but [no offense] it is a stupid solution.

First, it's not academic. It's just random toiling with crypto.
Second, as JL pointed out it's not an on-line computation, nor is it
parallelizable. Third, better hash functions.

As I told Lai [pwned him] during his talk at FSE'05 "if you're going to
mess with FIPS hashes, and you're going to make them slower AND
non-standard you might as well just use TIGER or WHIRLPOOL and be done
with".

It's really that simple folks. You can't do "amazing super uber
padding (tm)" and then claim FIPS compliance. So if you're going to
change from FIPS (which I suggest as a REALLY GOOD IDEA (tm)) then at
least use another rationally designed protocol/algo.

Tom
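
The quoted "squared" hash proposal, written out as an added example that is not part of the original thread, to show why it cannot be computed on-line: the RC4 key is the hash of the whole file, so the input must be read a second time. SHA-1 as the underlying hash and the names `ChunkSource`, `plain_hash`, `squared_hash`, `rc4` and `rc4_keystream` are assumptions made for illustration.

```python
import hashlib

def rc4_keystream(key: bytes):
    """Standard RC4: key schedule, then an endless keystream generator."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]

def rc4(key: bytes, data: bytes) -> bytes:
    ks = rc4_keystream(key)
    return bytes(b ^ next(ks) for b in data)

class ChunkSource:
    """Constructed stand-in for a file; counts full read passes over it."""
    def __init__(self, data: bytes, chunk: int = 64):
        self.data, self.chunk, self.passes = data, chunk, 0
    def __iter__(self):
        self.passes += 1
        for off in range(0, len(self.data), self.chunk):
            yield self.data[off:off + self.chunk]

def plain_hash(source, algo: str = "sha1") -> bytes:
    """Ordinary iterated hash: one pass, chunk by chunk."""
    h = hashlib.new(algo)
    for chunk in source:
        h.update(chunk)
    return h.digest()

def squared_hash(source, algo: str = "sha1") -> bytes:
    """hash(clear file) || hash(RC4_{hash(clear file)}(clear file))."""
    h1 = plain_hash(source, algo)      # pass 1: hash of the clear file
    ks = rc4_keystream(h1)             # key exists only after pass 1 ends
    h2 = hashlib.new(algo)
    for chunk in source:               # pass 2: encrypt, hash the ciphertext
        h2.update(bytes(b ^ next(ks) for b in chunk))
    return h1 + h2.digest()

if __name__ == "__main__":
    src = ChunkSource(b"constructed sample input " * 100)
    print(squared_hash(src).hex(), "passes over input:", src.passes)
```

The second pass depends on the final output of the first, so the input has to be stored or re-read, and the doubled-length digest is no longer the output of the standard hash.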


