K.S. Bhaskar on 21 May 2009 09:26:33 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Does appending known information to a key compromise its hash?

Cryptographic hashes such (e.g., SHA-2) are a standard way to validate
encryption keys, but they don't validate the encryption algorithm /
variant (e.g., AES 256 CFB).  If a program needs to ensure that a
certain key is not only the correct key, but also the correct key to
the algorithm it intends to use, it could, in theory, append the
algorithm to the key and hash both.  So, if the key is "A Li1ttle Lamb
wa5 owned by mARY", instead of hashing only the key, one could hash "A
Li1ttle Lamb wa5 owned by mARYAES256CFB".

One point of view says that this should not compromise the security of
the hash because appending a known (to an attacker) string to an
unknown key doesn't reduce the randomness in the key.  The counter
argument is that if the information being hashed has a higher
percentage of known bits to unknown bits, the resulting hash is more
easily broken.

Can anyone say definitively or point me to an appropriate reference?

Thank you very much, in advance.

-- Bhaskar
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug