deriving multiple keys from one passphrase
Travis H.
solinym at gmail.com
Mon Oct 9 19:35:43 EDT 2006
What is the accepted way to derive several keys from a user-supplied input?
Or, can you see anything wrong by prepending a counter to the passphrase
and hashing it to create derived keys?
k_n = hash(n || passphrase)
I suppose a faster system would involve using hash(passphrase) as the
key and encrypting a counter (assuming that hashes are slower than
block ciphers).
k_n = E(hash(passphrase), n)
Both seem vulnerable to dictionary attacks, and it's not immediately clear
to me how I could prevent them, or if that's even possible.
Terry Ritter suggested using CRCs over the passphrase, but I haven't really
analyzed that method at all.
Any opinions?
--
Enhance your calm, fellow citizen; it's just ones and zeroes.
Unix "guru" for rent or hire -><- http://www.lightconsulting.com/~travis/
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list