From: Roger Bryner <bryner@atlas.chem.utah.edu>
To: Mike Ingle <MIKEINGLE@delphi.com>
Message Hash: 818a175f8b6734af245b581d3b7015784cd6a15ca8c41c361a16efcb57c7e179
Message ID: <Pine.3.89.9407061121.A17510-0100000@atlas.chem.utah.edu>
Reply To: <01HEDB6B0KIQ8Y70EA@delphi.com>
UTC Datetime: 1994-07-06 17:42:32 UTC
Raw Date: Wed, 6 Jul 94 10:42:32 PDT
From: Roger Bryner <bryner@atlas.chem.utah.edu>
Date: Wed, 6 Jul 94 10:42:32 PDT
To: Mike Ingle <MIKEINGLE@delphi.com>
Subject: Re: Secure Drive insecure? NOT
In-Reply-To: <01HEDB6B0KIQ8Y70EA@delphi.com>
Message-ID: <Pine.3.89.9407061121.A17510-0100000@atlas.chem.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain
On Wed, 6 Jul 1994, Mike Ingle wrote:
> BZZZT! Read the code...
> MD5Update(&md5buf,pass1,strlen(pass1)); <----------| I wonder what
Gee, thanks for leting me play, do I get a consolation prize?:-)
Let me think, I still don't see any proof that this does not loose
entropy, and it could, as if the two parts are not independent of each other.
As soon as you start making a feedback machene, you have no guarentee
that this is a maximal unless there is no state that is imediatly
preceeded by two other states.
Simply throwing a lot of stuff at a password is no substitute for a proof
that the transformation does not loose entropy, which is available if you
use an encryption algorithim for the last 1023 transformations, and a
hash function only for the first one.
Sorry to be a pain.
Roger.
Return to July 1994
Return to “Roger Bryner <bryner@atlas.chem.utah.edu>”