Session Key Questions
kevhilton at gmail.com
Tue Oct 21 17:52:49 CEST 2008
> If the hash output is not enough, then extra 0x00 byte will be added to
> your passphrase and hashed again to produce additional and different
> hashing output. If even this isn't enough, then two 0x00 bytes will be
> added and hashed again, and so on.
Ok -- so just some points of clarification. What is the default
s2k-digest-algo? Lets say its SHA1 or for the point of argument I set
it to be SHA1. SHA1 always produces 160 bit resultants. Say I want
to use the AES256 cipher. If I am understanding what has been
reported previously, this requires a 256 bit key. If the process you
described above works, wouldn't a 160 bit hash always be produced?
Just to clarify in my own mind your process -- If the hash output is
not enough and an extra 0x00 byte (which I think you are telling me
0x00 = 256 0 bits) is added to the passphrase and then rehashed with
SHA1 - wouldn't another 160 bit hash be produced again? How would a
256 bit hash ever be produced is the SHA1 hash was always used.
Thanks -- I have a feeling I'm getting off in left field here and
missing some understanding of some basic concepts.
More information about the Gnupg-users