Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC

Eric Rescorla (ekr@rtfm.com)
Sun, 03 Jan 1999 15:30:46 -0800

• Next message: Wei Dai: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"
• Previous message: Walied.Othman@student.kuleuven.ac.be: "free pascal source code of pk algorithms"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Mike Rosing: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"
• Reply: Mike Rosing: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"

> On Sun, Jan 03, 1999 at 02:57:04PM -0800, EKR wrote:
> > Of course, if you use a discrete log scheme, then you can
> > just use X=SHA(passphrase).
>
> How about using X=SHA(salt||passphrase), where salt is some 32-bit random
> value stored on your hard drive? That way if the hard drive is destroyed,
> you only have to brute force a 32-bit value, but an attacker has to brute
> force the salt and the passphrase simultaneously which is unfeasible even
> if the passphrase only has 40-bit entropy.
Yeah, this is a good idea.

-Ekr

• Next message: Wei Dai: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"
• Previous message: Walied.Othman@student.kuleuven.ac.be: "free pascal source code of pk algorithms"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Mike Rosing: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"
• Reply: Mike Rosing: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"