Hash for Rijndael a92 and 256

Rich rich@cnylug.org
Thu Mar 1 17:22:07 2001

On Thu, 01 Mar 2001 09:18:33 +0200 or Thereabouts
The voices in my head told me that disastry@saiknes.lv said:

> > I don't undertstand that question. Rijndael (aka AES) is a
> > symmetric cipher algorithm and a hash algorithm is not needed.
> hash is used to obsfucate passphrase for conventional encryption,
> draft-ietf-openpgp-rfc2440bis-02.txt says:
> If the hash size is less than the key size, multiple instances of
> the hash context are created -- enough to produce the required key
> data. These instances are preloaded with 0, 1, 2, ... octets of
> zeros (that is to say, the first instance has no preloading, the
> second gets preloaded with 1 octet of zero, the third is preloaded
> with two octets of zeros, and so forth).
This was exactly what I meant. I realize that for public key crypto that a 256-bit random session key would be chosen for the bulk data to be encrypted, but I did mean for conventional cryptography. I actually DID reply to Werner's message about not understanding, but my emailer selected his email address instead of the mailing list's address so my reply and his response to that were never seen by the group. I'm not quite certain I understand what's going on with the above method. Do we get 256-bits of true security (assuming sufficiently random passphrase) by using that prescribed Open-PGP method? Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org