What is the accepted way to derive several keys from a user-supplied input?
Or, can you see anything wrong with prepending a counter to the passphrase
and hashing it to create derived keys?
k_n = hash(n || passphrase)
I suppose a faster system would involve using hash(passphrase) as the
key and encrypting a counter (assuming that hashes are slower than
block ciphers).
k_n = E(hash(passphrase), n)
Both seem vulnerable to dictionary attacks, and it's not immediately clear
to me how I could prevent them, or if that's even possible.
Terry Ritter suggested using CRCs over the passphrase, but I haven't really
analyzed that method at all.
Any opinions?
--
Enhance your calm, fellow citizen; it's just ones and zeroes.
Unix "guru" for rent or hire -><- http://www.lightconsulting.com/~travis/
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
to majordomo metzdowd.com
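
An added example, not part of the original post: the post's k_n = hash(n || passphrase) next to one common way to address the dictionary-attack concern, which is to stretch the passphrase once with a salted, slow KDF and then expand the result into labelled keys. PBKDF2-HMAC-SHA256 and HKDF-Expand (RFC 5869) are techniques chosen here, not ones the post names; the iteration count, the 4-byte counter encoding and the labels are assumptions. Stretching and salting raise the cost of each guess and defeat precomputed tables; they do not make a weak passphrase strong.

```python
import hashlib
import hmac


def naive_key(passphrase: bytes, n: int) -> bytes:
    """The post's first construction: k_n = hash(n || passphrase).

    Unsalted and fast: one hash per guess, and the same passphrase gives
    the same keys for every user. The 4-byte counter is an assumption.
    """
    return hashlib.sha256(n.to_bytes(4, "big") + passphrase).digest()


def stretch(passphrase: bytes, salt: bytes, iterations: int = 200_000) -> bytes:
    """Slow, salted step, run once per passphrase (PBKDF2-HMAC-SHA256).

    The iteration count is an illustrative assumption; tune it to hardware.
    """
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, iterations)


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA256: cheap per-key derivation."""
    if length > 255 * 32:
        raise ValueError("requested output too long for HKDF-SHA256")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_keys(passphrase: bytes, salt: bytes, labels, iterations: int = 200_000):
    """Pay the slow cost once, then derive one independent key per label."""
    master = stretch(passphrase, salt, iterations)
    return {label: hkdf_expand(master, label.encode()) for label in labels}


if __name__ == "__main__":
    salt = bytes(range(16))  # constructed sample; use a random per-user salt
    for name, key in derive_keys(b"example passphrase", salt,
                                 ["encrypt", "mac"]).items():
        print(name, key.hex())
```

The salt is stored in the clear next to the ciphertext; only the passphrase is secret.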