[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 3DES keys
-----BEGIN PGP SIGNED MESSAGE-----
content-type: text/plain; charset=us-ascii
> The modular exponentiation, elliptic curve, and key generator
> algorithms provide a number of bits of keying material. Use of an
> algorithm which produces a fewer number of keying bits than required
> for a selected transform results in less robust security than would
> otherwise be expected.
Shouldn't this be "fewer than *twice* as many keying bits ..." ?
(The 155 bits from the elliptic curve example is only good for 155/2 keying
bits.)
Are you saying that you think that the keys in each direction need to
be completely independant?
i.e.:
key A->B = hash (secret1, A, B, ...)
key B->A = hash (secret2, B, A, ...)
where secret1 and secret2 each consist of half of the bits of the
shared secret?
- Bill
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBMGr53Vpj/0M1dMJ/AQEFZAP+LKBECjijmqQnt2f/sCWuJiWzFUlFlboQ
ZbOSgzGZQe4fbL8eXlPsnuP4TxXBnz1gkM6PIsA8JJUEOMW2zeHaNTfXT2HNA6kr
J7FfA8Df7YqlEYUedCwE1vHSNDHE3xZMo+vUKxteX3+n5rERe/WzWnaUtt0CTU/0
JnCEZ7kNUWc=
=Z/hn
-----END PGP SIGNATURE-----
Follow-Ups:
References: