Re: Compatibility between different providers



On 2010-02-08, Peac <peac1972@xxxxxxxxxxxxxxxxxx> wrote:
On 7 Feb, 22:50, Ilmari Karonen <usen...@xxxxxxxxxxxxxx> wrote:
Anyway, you could also use the code I suggested in my last post; that
should be compatible with any RFC 2104 -compliant implementation, and
would save you from having to deal with HCRYPTKEYs at all. All you'd
need is a plain old unkeyed MD5 implementation, which even Microsoft
should be able to provide.

Thank you for your reply.
Pardon, my ignorance - but what's the difference between a keyed hash & an
unkeyed hash?

I was using the term "unkeyed hash" simply to emphasize the difference
between an ordinary hash like MD5 (which takes only one parameter: the
input string) and a MAC like HMAC-MD5 (which takes an additional
parameter: the key).

Here's the pseudocode again, for reference:

byte[64] ipad = ((byte) 0x5c).repeat(64);
byte[64] opad = ((byte) 0x36).repeat(64);

byte[16] HMAC_MD5 (byte[] key, byte[] input) {

Does the key parameter to the HMAC_MD5 function represent
a password or a symmetric key derived from a password?

It can be basically anything, as long as it has sufficient entropy not
to be guessable by brute force. It could be a passphrase, or some key
derived from a passphrase, or a random key stored in a keyfile, etc.
HMAC isn't too picky about what you give it as the key, since that key
is going to be fed to a hash function anyway.

if (key.length > 64) {
MD5Hash keyHash = new MD5Hash ();
keyHash.addData(key);
key = keyHash.getResult();
}
byte[64] expKey = key.padToLength(64);

You don't seem to be using this expKey anywhere?

Oops, sorry. Both of the occurrences of "key" below this line should
read "expKey" instead. I've made the change below:

MD5Hash innerHash = new MD5Hash ();
innerHash.addData(expKey.xor(ipad));
innerHash.addData(input);
byte[16] temp = innerHash.getResult();

MD5Hash outerHash = new MD5Hash ();
outerHash.addData(expKey.xor(opad));
outerHash.addData(temp);
return outerHash.getResult();
}

BTW, I just thought of something... _if_ the Microsoft implementation
is simply hashing the key regardless of its length, while the Java
implementation follows RFC 2104 and only hashes it if it's longer than
64 bytes, then you might be able to make the Java implementation
behave the same as the Microsoft one (at a small performance cost)
simply by hashing the key in advance. It might be worth a try. I'm
not sure why I didn't think of that when I wrote my last post.

--
Ilmari Karonen
To reply by e-mail, please replace ".invalid" with ".net" in address.
.



Relevant Pages

  • Re: windows onecare update
    ... Hash: SHA1 ... Microsoft and wants to install antivirus/antispyware updates. ... me the site's certificate was issued by an untrusted authority. ...
    (microsoft.public.windowsxp.general)
  • Re: Hashing or Encrypting
    ... Yes I do work for Microsoft. ... Multiple hashing is a technique that is ... increase the difficulty of an attack. ... you can compute the hash of the hash of the ...
    (microsoft.public.security)
  • Re: activation
    ... > As XP has a 10 point system to determine when reactivation ... > periodically with Microsoft? ... > could be made internally by xp without need to communicate ... No. XP stores the hash of the devices checked in a file on your hard ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Secure Methods of file transfer over network shares
    ... So using this method it does not send the password to the server at ... across during a Ch/Resp transaction but rather the hash does. ... MVP Microsoft MVP - Directory Services ... Infinite Diversities in Infinite Combinations ...
    (microsoft.public.windows.server.networking)
  • Re: Can an MD5 sum be 0000-0000-0000-0000?
    ... possible for an MD5 sum to be 0 or more accurately 0-0-0-0? ... of output are a "weakness" of the hash. ... The RFC plainly states that there are ... constants added into each phase of the algorithm. ...
    (alt.computer.security)