[Cryptography] Best/simplest document encryption
Bill Frantz
frantz at pwpconsult.com
Sat Mar 23 01:58:02 EDT 2019
On 3/22/19 at 4:22 PM, mitch at niftyegg.com (Tom Mitchell) wrote:
>A key management tool seems central to this project.
>It needs to remember keys sent to you, remember keys used, as well as keys
>generated.
>It needs a function "Was this used before?" which need only test a table of
>hashed keys which is still a risk to protect.
One function that might be quite low risk is to use a long hash,
perhaps SHA512 to generate a hash of the key. Then select fields
from the hash to feed into a Bloom filter.
If we take the example of 3 keys for 180 days and choose a Bloom
filter with 10 entries for each key and a 50% fill, then we need
10,800 bits for the filter. So we use a filter of 2**14 (16384)
bits, take 140 bits from the hash and divide them up into 10
indexes of 14 bits each for the filter.
This procedure leaves 372 bits unused from the hash, which means
that a lot of incorrect "keys" will pass the bloom filter, but
not be able to decrypt the data. Someone trying exhaustive
search of the key space won't get a lot of help by using the filter.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz | "I wish there was a knob on the TV to turn
up the
408-356-8506 | intelligence. There's a knob called
"brightness", but
www.pwpconsult.com | it doesn't work. -- Gallagher
More information about the cryptography
mailing list