From: Arne Vajhøj on 13 Jun 2010 17:05

On 13-06-2010 12:53, rossum wrote:
> On Sat, 12 Jun 2010 21:17:23 -0400, Arne Vajhøj<arne(a)vajhoej.dk>
> wrote:
>
>> On 12-06-2010 09:15, rossum wrote:
>>> On Sat, 12 Jun 2010 04:04:25 -0700, Raj
>>> <Raj(a)discussions.microsoft.com> wrote:
>>>> I would like to know, how to encrypt/decrypt using varying number of key
>>>> size. The above works only if the key size is 8 bytes. May want to provide
>>>> key of size 64 bytes
>>> 1 DES is obsolete. Use AES/Rijndael instead.
>>>
>>> 2 Do not use the user's key directly, instead pass the key the user
>>> supplies through a cryptographic hash function, such as SHA-256.
>>> Whatever size key the user supplies the output of the hash function is
>>> always the same size, 256 bits in the case of SHA-256. Use the output
>>> of the hash function to key AES.
>>>
>>> User key --> SHA-256 --> AES-256 encryption.
>>
>> But it is very important to understand that the
>> password security does not depend on the number of
>> possible values of the hash but of the number of
>> possible values of the user key.
> I prefer
>
> overallEntropy = min(keyEntropy, hashEntropy)
>
> The hash imposes an upper limit, though I will agree that most
> passwords/passphrases will not usually reach that limit.

True.

But I think the term passphrase needs to be replaced
by the term passbook for that to have practical
importance.

Arne
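The `User key --> SHA-256 --> AES-256` step and the `min(keyEntropy, hashEntropy)` bound from the thread, as an added Python example that is not part of any post. The function names, the uniform-random key model and the sample keys are assumptions constructed for illustration.

```python
import hashlib
import itertools
import math
import string

HASH_BITS = 256  # output size of SHA-256, i.e. hashEntropy in the thread


def derive_key(user_key: bytes) -> bytes:
    """Hash a user key of any length down to 32 bytes, the AES-256 key size."""
    return hashlib.sha256(user_key).digest()


def key_entropy_bits(alphabet_size: int, length: int) -> float:
    """Assumed model: every symbol is chosen uniformly and independently."""
    return length * math.log2(alphabet_size)


def overall_entropy_bits(alphabet_size: int, length: int) -> float:
    """overallEntropy = min(keyEntropy, hashEntropy)."""
    return min(key_entropy_bits(alphabet_size, length), HASH_BITS)


def guesses_to_match(target: bytes, alphabet: str, length: int) -> int:
    """Candidates tried before one hashes to `target` (0 if none does).

    The loop is bounded by len(alphabet) ** length, the number of possible
    user keys, not by the 2**256 possible hash outputs.
    """
    candidates = itertools.product(alphabet, repeat=length)
    for tried, chars in enumerate(candidates, start=1):
        if derive_key("".join(chars).encode()) == target:
            return tried
    return 0


if __name__ == "__main__":
    # Constructed sample keys: 8 bytes and 64 bytes both yield a 32-byte key.
    for user_key in (b"A" * 8, b"A" * 64):
        print(len(user_key), "->", len(derive_key(user_key)), "bytes")

    # Three random lowercase letters: about 14 bits, despite the 256-bit key.
    print(round(overall_entropy_bits(26, 3), 1), "bits")
    # 64 uniformly random bytes carry 512 bits; the hash caps that at 256.
    print(overall_entropy_bits(256, 64), "bits")

    target = derive_key(b"zzz")  # constructed worst case for a 3-letter key
    print(guesses_to_match(target, string.ascii_lowercase, 3), "guesses")
```
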