[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pre-shared key v RSA encryption or RSA signature authentication modes
Derek,
Is the limited entropy of the shared secret due to the fact that
it is simply a hash of a password? If so, then perhaps the current
simplistic shared-secret key protocol is not such a good fit for these
common shared-secret password applications.
-- David
At 11:39 AM 3/21/2002 -0500, Derek Atkins wrote:
>The fact that most users wont have a shared secret with 256 bits of
>entropy? I suspect that most shared secrets are probably in the 64-80
>bits of entropy at the highest, and probably much lower than that.