ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Iterated and Salted S2K - weakness or unclear specification?

2000-11-15 14:52:00
from [hal] [Permanent Link] 
Bo Baldersson writes:

Have I interpreted the spec wrong when I assume that the text ( sec 3.6.1.3)
      
      "Then the salt, followed by the passphrase data is repeatedly hashed
      until the number of octets specified by the octet count has been hashed"
      
means tha exact 'count'  bytes should be hashed? 


When we say the data is "repeatedly hashed", we mean that it is repeatedly
passed into the same hash context.  So it is hash (salt, passphrase, salt,
passphrase, salt, passphrase, ...) where the part in parentheses has a
length of "count" bytes (or length of salt+passphrase if that is greater).

Hal Finney
PGP Security
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Iterated and Salted S2K - weakness or unclear specification?, Derek Atkins
Next by Date:  Re: Iterated and Salted S2K - weakness or unclear specification?, Michael Young
Previous by Thread:  Re: Iterated and Salted S2K - weakness or unclear specification?, Derek Atkins
Next by Thread:  Re: Iterated and Salted S2K - weakness or unclear specification?, Michael Young
Indexes:  [Date] [Thread] [Top] [All Lists]