K.S. Bhaskar on 22 May 2009 16:52:22 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Does appending known information to a key compromise its hash?


Thanks Dave for your response, and thanks for getting a definitive
answer, JP.  Meanwhile, we decided not to go this route.

The answer from another source essentially corroborated what Bruce
Schneier says, but he was more circumspect, saying that for an
unflawed hash function it wouldn't matter, but that it could
compromise a flawed hash function.

Thanks again.

-- Bhaskar


On Fri, May 22, 2009 at 6:28 PM, JP Vossen <jp@jpsdomain.org> wrote:
>  > Date: Thu, 21 May 2009 12:26:26 -0400
>  > From: "K.S. Bhaskar" <bhaskar@worldvista.org>
>  >
>  > Cryptographic hashes such (e.g., SHA-2) are a standard way to validate
>  > encryption keys, but they don't validate the encryption algorithm /
>  > variant (e.g., AES 256 CFB).  If a program needs to ensure that a
>  > certain key is not only the correct key, but also the correct key to
>  > the algorithm it intends to use, it could, in theory, append the
>  > algorithm to the key and hash both.  So, if the key is "A Li1ttle Lamb
>  > wa5 owned by mARY", instead of hashing only the key, one could hash "A
>  > Li1ttle Lamb wa5 owned by mARYAES256CFB".
>  >
>  > One point of view says that this should not compromise the security of
>  > the hash because appending a known (to an attacker) string to an
>  > unknown key doesn't reduce the randomness in the key.  The counter
>  > argument is that if the information being hashed has a higher
>  > percentage of known bits to unknown bits, the resulting hash is more
>  > easily broken.
>  >
>  > Can anyone say definitively or point me to an appropriate reference?
>  >
>  > Thank you very much, in advance.
>
> ----- cut here -----
>
> -----Original Message-----
> From: Bruce Schneier
> Sent: Thursday, May 21, 2009 05:06 PM
> To: JP Vossen
> Subject: Re: Does appending known information to a key
> compromise its hash?
>
> If this usage compromises the hash function, then it's a REALLY sucky
> hash function.
>
> -----Original Message-----
> From: Bruce Schneier
> Sent: Friday, May 22, 2009 08:40 AM
> To: JP Vossen
> Subject: RE: Does appending known information to a key
> compromise its hash?
>
> At 07:20 AM 5/22/2009, JP wrote:
>  > Can I reply back to the posting and quote you?
>
> Sure.
>
> ----- cut here -----
>
> How's that for definitive?  :-)
> JP
> ----------------------------|:::======|-------------------------------
> JP Vossen, CISSP            |:::======|      http://bashcookbook.com/
> My Account, My Opinions     |=========|      http://www.jpsdomain.org/
> ----------------------------|=========|-------------------------------
> "Microsoft Tax" = the additional hardware & yearly fees for the add-on
> software required to protect Windows from its own poorly designed and
> implemented self, while the overhead incidentally flattens Moore's Law.
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
>
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug