From: Ben.Goren@asu.edu
Date: Thu, 12 Jan 95 17:33:12 PST
To: cypherpunks@toad.com
Subject: Re: RELEASE: Secure Edit beta 0.5
Message-ID: <v02110101ab3b85b46606@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:18 PM 1/12/95, Tom Bryce wrote:
>[. . .]
>* the salt is concatenated with MD5[passphrase] many times and this
>concatenated string hashed to generate the 'session key' for the file
>from your pass phrase. The number of times it is concatenated is
>calibrated to make it take about half a second - not a big performance
>loss, but it makes brute force attack of weak passphrases up to
>thousands of times more costly.
>[. . . .]

This is only going to work if MD5 is not a "group"--that is, if there is no
simple algorithm which is equivialent to md5(md5(x)). I doubt that's been
proven.

Rather, you'd be better off using DES in any of the ways that Schneir
describes (page 338 and following) and reiterate that many times.

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.