Re: Chaffing and Winnowing


mgraffam@mhv.net
Fri, 8 May 1998 01:24:14 -0400 (EDT)



On Thu, 7 May 1998, Mark Rosen wrote:
> There are also many security improvements that can be made. I have
> pasted the appropriate source code below, but here are my observations: The
> main point of attack is the RNG. I use a simple LFSR.

If you have SHA1 available, why not make a random number generator based
on that?

> The message is divided up into 1 byte packets. As
> per Rivest's document, an authentication key is computed using the hash
> (SHA1) of the packet and an authentication key. I don't use a serial number
> because the packets are stored in order (the architecture of my encryption
> library prevents me from storing the packets in random order, though this is
> certainly a possible improvement).

So you have:

byte+phrase where + is concatenation, and this is hashed?

I don't like it.. could be bad.. and here's why:

So, you have SHA(a+secret) which will yield 4 (and always 4). Where do you
get your "MACs" for chaff? If you just generate some random bytes and
use that, you're hosed.

Let's say we have the output:

byte  MAC
A     4    MAC = SHA(A+secret) = 4 (wheat)
B     2    MAC = RAND() (chaff)

down the road,

A     4    MAC = SHA(A+secret) (wheat)
B     9    MAC = RAND() (chaff)

Seeing this, we can analyze the file and we get the wheat.

If you put the sequence number in there, the packet for a wheat A will
not be the same each time.

Alternately, you could generate a bunch of random "chaff keys" and
use those to make the MACs for all chaff B's so that chaff B's always
have the same MAC, making it impossible to use this analysis.
This will obviously be slower.

Given the output size, I'd gladly sacrifice the speed to save the 4 bytes
or so on a sequence number.

Michael J. Graffam (mgraffam@mhv.net)
http://www.mhv.net/~mgraffam -- Philosophy, Religion, Computers, Crypto, etc
"Act only according to that maxim by which you can at the same time will that
it should become a universal law.." - Immanuel Kant "Metaphysics of Morals"

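
The repetition problem described in the message above, and the sequence-number fix, as an added example that is not part of the original post or of Mark Rosen's code. It assumes one chaff packet per wheat packet, a full 20-byte SHA1 output as the MAC, and the packet's position in the stored order used as the sequence number, so no extra bytes are stored; all function names are hypothetical.

```python
import hashlib
import hmac
import os
from collections import Counter

SECRET = b"constructed-demo-key"  # constructed sample key, not from the thread

def mac(byte, secret, seq=None):
    """SHA1(byte + secret) as in the post; with seq, SHA1(seq + byte + secret)."""
    prefix = b"" if seq is None else seq.to_bytes(4, "big")
    return hashlib.sha1(prefix + bytes([byte]) + secret).digest()

def chaff_and_wheat(message, secret, use_seq):
    """Emit one wheat and one random-MAC chaff packet per message byte."""
    packets = []
    for seq, b in enumerate(message):
        wheat = (b, mac(b, secret, seq if use_seq else None))
        other = (b + 1 + os.urandom(1)[0] % 255) % 256  # any byte value != b
        pair = [wheat, (other, os.urandom(20))]          # chaff MAC = RAND()
        if os.urandom(1)[0] & 1:                         # hide which comes first
            pair.reverse()
        packets.extend(pair)
    return packets

def repeated_pairs(packets):
    """(byte, MAC) pairs seen more than once, i.e. what the post's analysis finds."""
    return {p for p, n in Counter(packets).items() if n > 1}

def winnow(packets, secret, use_seq):
    """Receiver: keep bytes whose MAC verifies (two packets per position)."""
    out = bytearray()
    for i, (b, tag) in enumerate(packets):
        expected = mac(b, secret, i // 2 if use_seq else None)
        if hmac.compare_digest(tag, expected):
            out.append(b)
    return bytes(out)

if __name__ == "__main__":
    msg = b"ABABABAB"  # constructed sample message
    for use_seq in (False, True):
        pkts = chaff_and_wheat(msg, SECRET, use_seq)
        print("seq" if use_seq else "no seq", "repeats:", len(repeated_pairs(pkts)),
              "winnowed:", winnow(pkts, SECRET, use_seq))
```

Running repeated_pairs over your own output is a quick self-check: any non-empty result means wheat can be told from chaff without the key.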



The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:17:18 ADT