Protection against offline dictionary attack on static files
Zooko Journeyman
zooko at localhost.notabug.com
Thu Nov 13 10:09:17 EST 2003
Arcane Jill wrote:
>
<... a way to make decryption more expensive ...>
I think it is a neat idea. I think it is best understood as a kind of
"key-stretching" akin to iterated hashing of a password, as in:
Secure Applications of Low-Entropy Keys (1998)
John Kelsey, Bruce Schneier, Chris Hall, David Wagner
http://citeseer.nj.nec.com/kelsey98secure.html
I invented it myself at one point, and then subsequently learned that it had
already been published.
Here are some notes I wrote about it earlier this year:
"""
I've learned that Udi Manber, Martín Abadi [1], Mark Lomas, and Roger
Needham [2] have already published one of my ideas -- that of an extra "salt"
used to hash passwords, erased, and then brute-force-rediscovered when needed.
This kind of thing reassures me that my own part-time, self-directed crypto
research isn't too far off the mainstream. Manber's paper [3] is earliest,
but Abadi's [4] (published as a Technical Report) contains extra goodies such
as consideration of off-line brute force attacks on weak keys used in
communication protocols and a comparison to the more widely used
key-strengthening of iterated hashing.
[1] http://www.cse.ucsc.edu/~abadi
[2] http://research.microsoft.com/users/needham/
[3] http://citeseer.nj.nec.com/manber96simple.html
[4] http://www.cse.ucsc.edu/~abadi/Papers/pwd-revised.ps
"""
Regards,
Zooko
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
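
The erased-salt idea discussed in the message above, next to the iterated-hashing alternative it is compared with. This is an added example, not code from the post or from the cited papers. The use of SHA-256 and PBKDF2, the 12-bit secret salt, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SECRET_SALT_BITS = 12  # assumed size: a verifier tries at most 2**12 hashes


def digest(public_salt: bytes, secret_salt: int, password: str) -> bytes:
    """Hash fixed-width public salt || fixed-width secret salt || password."""
    h = hashlib.sha256()
    h.update(public_salt)                     # always 16 bytes here
    h.update(secret_salt.to_bytes(4, "big"))  # always 4 bytes
    h.update(password.encode("utf-8"))
    return h.digest()


def enroll(password: str, bits: int = SECRET_SALT_BITS):
    """Return (public_salt, stored_hash); the secret salt is never stored."""
    public_salt = secrets.token_bytes(16)
    secret_salt = secrets.randbelow(1 << bits)
    return public_salt, digest(public_salt, secret_salt, password)


def verify(password: str, public_salt: bytes, stored: bytes,
           bits: int = SECRET_SALT_BITS):
    """Rediscover the erased salt by brute force.

    Returns (matched, hashes_computed). A correct password stops at the
    first hit (about 2**(bits-1) hashes on average); a wrong one always
    costs the full 2**bits, which is what slows a dictionary attack.
    """
    for tries, candidate in enumerate(range(1 << bits), start=1):
        if hmac.compare_digest(digest(public_salt, candidate, password), stored):
            return True, tries
    return False, 1 << bits


def iterated_hash(password: str, public_salt: bytes, rounds: int) -> bytes:
    """Iterated hashing (PBKDF2-HMAC-SHA256), the more widely used stretch."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               public_salt, rounds)


if __name__ == "__main__":
    salt, stored = enroll("correct horse")
    print("right password:", verify("correct horse", salt, stored))
    print("wrong password:", verify("battery staple", salt, stored))
    print("pbkdf2:", iterated_hash("correct horse", salt, 1 << 12).hex())
```

The candidate salts in `verify` are independent of each other, so the search can be split across processors, while the rounds of `iterated_hash` must run one after another.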