Session Key Questions
Kevin Hilton
kevhilton at gmail.com
Tue Oct 21 18:04:21 CEST 2008
>RFC-4880, section 3.7.1.1:
> If the hash size is less than the key size, multiple instances of
> the hash context are created -- enough to produce the required key
> data. These instances are preloaded with 0, 1, 2, ... octets of
> zeros (that is to say, the first instance has no preloading, the
> second gets preloaded with 1 octet of zero, the third is preloaded
> with two octets of zeros, and so forth).
>In other words, there are multiple hash contexts run, each responsible
>for a different part of of the key (0-159 & 159-255 in your SHA1 and
>AES256 example).
Sorry about my last reply, went I sent my question, David had not
responded as of yet.
Ok, so just to clarify, say I have a 160bit hash product (produced
from a salted password) Using the SHA1 hash. In my theoretical
example, AES256 requires a 256 bit key. To construct this key
Bits
#1 0-159 = the salted hashed password (with 0 octects added)
#2 159-255 = the leftmost 80 bits of the salted preloaded password
with 1 octet zeros and then hased.
To produce the full 256 bits, the results of operation 1 and operation
2 are combined -- meaning result #1 is shifted 80 bits and then #2 is
added to #1?
Randomly generated session keys -- once produced are these salted and
hashed similiar to passwords? Or is the generated session key the
required length for the chosen cipher?
When passwords are salted -- how long is the salt? Is this appended
or prepended to the chosen password?
--
Kevin Hilton
More information about the Gnupg-users
mailing list