[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 3DES keys





It would be best to describe a way to partionIt would be best to describe a way 
to use a key stream to obtain keys for a given algorithm separate from the 
creation of the key stream. 

We should not use clever tricks to create bits for a specific algorithm (3DES 
and SHA).


Proposal

All "security transforms" should include the size of key stream required for 
initialization and the process for using these bits with the defined transform. 

An algorithmic approach (e.g. using MD5 or SHA) should be defined to lengthen a 
sequence when required to provide sufficient keying bits.

This means that for 3DES with 2 keys (112 bits) one MD5 (128 bits) chunk or one 
SHA (160 bits) chunk would suffice. For 3DES with 3 keys (168 bits) two 
"chunks" of MD5 (256) or SHA (320) would be required. 

Should "extra" bits be ignored, or should an algorithm be defined to mix down 
excess bits into a given key size?


Paul
_______________________________________________________________________________
Subject: 3DES keys
Author:  bsimpson@morningstar.com@INTERNET
Date:    9/27/95  10:36 AM

I have a question about making 3DES keys.  Are there particular hardware
and software implementation requirements?

For a key generator of MD5, it seems relatively obvious that the 128-bits
could be split into two 64-bit chunks, and allocated between encrypt and
decrypt (EDE), wasting the lsb of each octet.

But when using SHA, we get 160-bits, which is almost enough for three
separate 56-bit keys.  We could do something clever to make up the last
8 bits.

What have people implemented in the past?

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2


Follow-Ups: