[Top] [All Lists]

Re: Iterated and Salted S2K - weakness or unclear specification?

2000-11-15 14:52:00
Bo Baldersson writes:
Have I interpreted the spec wrong when I assume that the text ( sec
      "Then the salt, followed by the passphrase data is repeatedly hashed
      until the number of octets specified by the octet count has been hashed"
means tha exact 'count'  bytes should be hashed? 

When we say the data is "repeatedly hashed", we mean that it is repeatedly
passed into the same hash context.  So it is hash (salt, passphrase, salt,
passphrase, salt, passphrase, ...) where the part in parentheses has a
length of "count" bytes (or length of salt+passphrase if that is greater).

Hal Finney
PGP Security