Re: A Method of Session Key Generation

Jim Gillogly (jim@acm.org)
Thu, 28 Jan 1999 08:07:57 -0800

• Next message: craig mcmillan: "Re: A Method of Session Key Generation"
• Previous message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• In reply to: David Jablon: "Re: A Method of Session Key Generation"
• Next in thread: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"

M-K Shen writes:
> Hash all previously processed plaintexts. Encrypt the hash with
> a masterkey to obtain the current session key.
>
> Comments and critiques are sincerely solicited.

As with most security proposals, the efficacy depends largely on
the threat model. For example, if you assume the enemy has access
(perhaps delayed) to previous plaintexts (or their hash), then
access to future plaintext depends only on the master key. Modern
ciphers should be impervious to known plaintext attacks.

I think this strategy (a variant of autokey ciphers) was the basis
for one of the "one-time pad" ciphers being marketed a couple of
years ago, with the details kept under close NDA.

        Jim Gillogly
        7 Solmath S.R. 1999, 16:02
        12.19.5.16.2, 9 Ik 15 Muan, Seventh Lord of Night

• Next message: craig mcmillan: "Re: A Method of Session Key Generation"
• Previous message: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• In reply to: David Jablon: "Re: A Method of Session Key Generation"
• Next in thread: Mok-Kong Shen: "Re: A Method of Session Key Generation"
• Reply: Mok-Kong Shen: "Re: A Method of Session Key Generation"