Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: fso301

We did some stats on the generated passwords - it was pretty good. The algo was based on DES.

DES, of course, is subject to differential cryptanalysis, but that’s when used in a wholesale crypto environment. You could replace DES with SHA-1 or other one-way hash functions; it isn’t really important which algo you use, just so long as you can’t guess the next number in the sequence if you know the prior one.

DES seemed to work OK because the generated crypto-text was the same length as the DES key, the salt value and the prior key in the sequence. Differential cryptanalysis needs a bunch of data in order to start narrowing down the key search space.


34 posted on 04/19/2010 8:24:44 PM PDT by NVDave
[ Post Reply | Private Reply | To 24 | View Replies ]

To: NVDave

So sha-1 being broken doesn’t impact this?


36 posted on 04/19/2010 8:26:43 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 34 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson