[145835] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Hashing algorithm needed

daemon@ATHENA.MIT.EDU (James A. Donald)
Thu Sep 9 07:41:44 2010

Date: Thu, 09 Sep 2010 19:08:47 +1000
From: "James A. Donald" <jamesd@echeque.com>
Reply-To: jamesd@echeque.com
To: Ben Laurie <benl@google.com>
CC: flj@mail.dnttm.ro, cryptography@metzdowd.com
In-Reply-To: <AANLkTi=uNUpAVdvL9xYaWM96+PbWTW3URhwr6i5KTXdE@mail.gmail.com>

On 2010-09-09 6:35 AM, Ben Laurie wrote:
> What I do in Nigori for this is use DSA. Your private key, x, is the
> hash of the login info. The server has g^x, from which it cannot
> recover x,

Except, of course, by dictionary attack, hence g^x, being low
entropy, is treated as a shared secret.

and the client does DSA using x.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[145835] in cryptography@c2.net mail archive

Re: Hashing algorithm needed

daemon@ATHENA.MIT.EDU (James A. Donald)Thu Sep 9 07:41:44 2010

daemon@ATHENA.MIT.EDU (James A. Donald)
Thu Sep 9 07:41:44 2010