--override-session-key $PASS simple brute force attack vulnerability?

David Shaw dshaw@jabberwocky.com
Mon Jul 15 15:51:06 2002


On Mon, Jul 15, 2002 at 11:46:17AM +0000, Brian M. Carlson wrote:
> But really, if you're getting at what I think you're getting at, let me
> stop you right now. The session key is, in reality, 128, 168, 192, or
> 256 bits long, depending on the algorithm. It is raw bits, encoded as
> bytes. However, what you see above is just some other encoding of it, so
> that you can type it in at the prompt. Otherwise, if one of those bytes
> was 0x10 (LF), then you wouldn't be able to override the session key,
> now would you?

Exactly.

> You can see my preferences here:
> 	Cipher: 3DES, BLOWFISH, CAST5, AES192
> 	Hash: RIPEMD160, TIGER192, SHA1 (that is a nasty extra SHA1 that
> 	shouldn't be there)
> 	Compression: ZLIB, ZIP, Uncompressed
> 	Features: MDC

No, that SHA1 is required by the OpenPGP protocol.  You can put other
hashes in front of it if you prefer, but you can't get rid of it.  The
same thing applies to the 3DES cipher, and the "Uncompressed"
compression type.

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
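As an added example (not part of the list post above and not GnuPG's own code), the following Python shows the two points David makes: the session key handed to `--override-session-key` is raw bits of the cipher's key length presented in an encoding you can type, and 3DES, SHA1 and Uncompressed are implied at the end of every OpenPGP preference list. The `algo:hexkey` string form, the algorithm IDs and key sizes (taken from the RFC 4880 symmetric-algorithm table as I recall it), the constructed sample key and the guess rate used for the brute-force estimate are all assumptions, not values from the thread.

```python
"""Added example: parse a GnuPG-style session key string, check it against
the cipher's key size, estimate brute-force cost, and complete a preference
list with the algorithms OpenPGP requires.  Not code from the list post."""

# OpenPGP symmetric-key algorithm IDs and key sizes in bits (assumed from
# the RFC 4880 table; the list post only mentions the sizes themselves).
CIPHER_KEY_BITS = {
    1: ("IDEA", 128),
    2: ("3DES", 168),
    3: ("CAST5", 128),
    4: ("BLOWFISH", 128),
    7: ("AES", 128),
    8: ("AES192", 192),
    9: ("AES256", 256),
    10: ("TWOFISH", 256),
}

# Algorithms that MUST be supported and are implied at the end of every
# preference list, per the post (and RFC 4880).
IMPLIED_PREFERENCE = {"cipher": "3DES", "hash": "SHA1", "compression": "Uncompressed"}

# Constructed sample: AES-128 with every key byte 0x0A (a newline).  In hex
# form it is typeable; as raw bytes it could not be entered at a prompt.
SAMPLE_KEY_WITH_NEWLINES = "7:" + "0a" * 16


def parse_session_key(spec):
    """Parse 'algo:hexkey' (assumed to be the form --show-session-key prints)
    and return (algo_id, raw_key_bytes).  Raises ValueError on bad input."""
    algo_str, sep, hexkey = spec.partition(":")
    if not sep or not algo_str.isdigit():
        raise ValueError("expected 'algo:hexkey'")
    algo = int(algo_str)
    if algo not in CIPHER_KEY_BITS:
        raise ValueError("unknown cipher algorithm id %d" % algo)
    name, bits = CIPHER_KEY_BITS[algo]
    try:
        raw = bytes.fromhex(hexkey)
    except ValueError:
        raise ValueError("session key is not valid hex") from None
    # The hex string is only an encoding: the key is exactly `bits` raw bits.
    if len(raw) * 8 != bits:
        raise ValueError("%s needs %d key bits, got %d" % (name, bits, len(raw) * 8))
    return algo, raw


def brute_force_years(bits, guesses_per_second=1e12):
    """Expected wall-clock years to recover a random key of `bits` bits by
    exhaustive search at an assumed guess rate (half the keyspace on average).
    The 1e12 guesses/second default is a constructed, generous figure."""
    expected_guesses = 2 ** (bits - 1)
    seconds_per_year = 365.25 * 24 * 3600
    return expected_guesses / guesses_per_second / seconds_per_year


def complete_preferences(prefs, kind):
    """Return `prefs` with the implied mandatory algorithm for `kind`
    ('cipher', 'hash' or 'compression') appended if it is not already
    listed anywhere.  Listing it earlier is allowed; removing it is not."""
    implied = IMPLIED_PREFERENCE[kind]
    prefs = list(prefs)
    if implied not in prefs:
        prefs.append(implied)
    return prefs


if __name__ == "__main__":
    algo, raw = parse_session_key(SAMPLE_KEY_WITH_NEWLINES)
    print(CIPHER_KEY_BITS[algo][0], len(raw) * 8, "bits, raw bytes:", raw)
    for bits in (128, 168, 192, 256):
        print("%d-bit key: ~%.2e years at 1e12 guesses/s" % (bits, brute_force_years(bits)))
    print(complete_preferences(["RIPEMD160", "TIGER192"], "hash"))
```

Running the script shows why the "simple brute force" in the subject line does not apply: even a 128-bit session key costs on the order of 10^18 years at a trillion guesses per second, and the hex string is merely how those bits are typed, so a key byte of 0x0A causes no trouble. The preference helper only appends the implied algorithm; it does not try to reorder what the user chose.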