[Cryptography] Best/simplest document encryption

Bill Frantz frantz at pwpconsult.com
Sat Mar 23 01:58:02 EDT 2019

On 3/22/19 at 4:22 PM, mitch at niftyegg.com (Tom Mitchell) wrote:

>A key management tool seems central to this project.
>It needs to remember keys sent to you, remember keys used, as well as keys
>It needs a function "Was this used before?" which need only test a table of
>hashed keys which is still a risk to protect.

One function that might be quite low risk is to use a long hash, 
perhaps SHA512 to generate a hash of the key. Then select fields 
from the hash to feed into a Bloom filter.

If we take the example of 3 keys for 180 days and choose a Bloom 
filter with 10 entries for each key and a 50% fill, then we need 
10,800 bits for the filter. So we use a filter of 2**14 (16384) 
bits, take 140 bits from the hash and divide them up into 10 
indexes of 14 bits each for the filter.

This procedure leaves 372 bits unused from the hash, which means 
that a lot of incorrect "keys" will pass the bloom filter, but 
not be able to decrypt the data. Someone trying exhaustive 
search of the key space won't get a lot of help by using the filter.

Cheers - Bill

Bill Frantz        | "I wish there was a knob on the TV to turn 
up the
408-356-8506       | intelligence.  There's a knob called 
"brightness", but
www.pwpconsult.com | it doesn't work. -- Gallagher

More information about the cryptography mailing list