Re: XOR passphrase with a constant
From: Andrew (anelless_at_gmail.com)
Date: 05/30/05
- Next message: Andrew: "Re: XOR passphrase with a constant"
- Previous message: Mike Amling: "Re: Real-time sound cyphering algorithm"
- Maybe in reply to: Andrew: "XOR passphrase with a constant"
- Next in thread: Andrew: "Re: XOR passphrase with a constant"
- Reply: Andrew: "Re: XOR passphrase with a constant"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 May 2005 11:41:59 -0700
Yes the constant is known to all 3rd parties but the basic idea is if
you have two constants C1 and C2 and a single passphrase P and produce
MD5(C1 + P) and MD5(C2+ P) it is impossible to determine from the
hashes if the same passphrase was used in both cases without actually
knowing what one was.
Each of these hashes can then be used in further steps in an algorithm
on their respective systems and if an attacker manages to obtain one of
these hashes, it will not produce the same results in the later stages
of the other system.
I can't explain it better than that and I'm sure it seems odd. Mostly I
am just curious to how these constants effect widely used hash
functions and how you can incoporate things unique to a system into
passphrases so that if the same passphrase is used across more than one
system, this fact is not revealed.
Basically my question is if both MD5(C1 + P) and MD5(C2 + P) become
known to the attacker is the attackers task of finding P made any
easier assuming they already know both C1 and C2?
- Next message: Andrew: "Re: XOR passphrase with a constant"
- Previous message: Mike Amling: "Re: Real-time sound cyphering algorithm"
- Maybe in reply to: Andrew: "XOR passphrase with a constant"
- Next in thread: Andrew: "Re: XOR passphrase with a constant"
- Reply: Andrew: "Re: XOR passphrase with a constant"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
