[145836] in cryptography@c2.net mail archive


Re: Hashing algorithm needed

daemon@ATHENA.MIT.EDU (Ben Laurie)
Thu Sep 9 07:42:18 2010

In-Reply-To: <4C88A41F.4010202@echeque.com>
Date: Thu, 9 Sep 2010 11:49:07 +0100
From: Ben Laurie <benl@google.com>
To: jamesd@echeque.com
Cc: flj@mail.dnttm.ro, cryptography@metzdowd.com

On 9 September 2010 10:08, James A. Donald <jamesd@echeque.com> wrote:
> On 2010-09-09 6:35 AM, Ben Laurie wrote:
>>
>> What I do in Nigori for this is use DSA. Your private key, x, is the
>> hash of the login info. The server has g^x, from which it cannot
>> recover x,
>
> Except, of course, by dictionary attack, hence g^x, being low
> entropy, is treated as a shared secret.

Indeed, if it is low entropy (I don't think you can assume it is,
though I'll readily agree it is likely to be), then it is subject to a
dictionary attack.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
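
An added illustration of the point made in this exchange (not part of the original message and not Nigori's code): when x is a hash of low-entropy login info, anyone holding g^x can test guesses offline, which is why the stored value has to be protected like a shared secret. The toy group (p = 2^127 - 1, g = 3), the use of SHA-256, the function names and the sample passwords are all assumptions made for this sketch.

```python
import hashlib
import secrets

# Toy parameters (assumption): a real DSA group uses a ~2048-bit p and a
# generator of a prime-order subgroup. These keep the sketch fast and readable.
P = 2**127 - 1   # a Mersenne prime
G = 3


def private_key(username: str, password: str) -> int:
    """x = hash(login info), reduced into the exponent range."""
    digest = hashlib.sha256(f"{username}\x00{password}".encode()).digest()
    return int.from_bytes(digest, "big") % (P - 1)


def public_value(username: str, password: str) -> int:
    """g^x mod p: the value the server stores."""
    return pow(G, private_key(username, password), P)


def guessable(username: str, stored: int, candidates):
    """Audit check: return the candidate that reproduces `stored`, else None.

    No discrete log is computed. Each guess is hashed and exponentiated
    forward, so the cost is one modular exponentiation per guess.
    """
    for guess in candidates:
        if public_value(username, guess) == stored:
            return guess
    return None


# Constructed sample data: a short guess list and two stored values.
CANDIDATES = ["123456", "password", "letmein", "qwerty"]
WEAK = public_value("alice", "letmein")               # low-entropy login info
STRONG = public_value("alice", secrets.token_hex(16))  # 128 random bits

if __name__ == "__main__":
    print("weak value matches guess:", guessable("alice", WEAK, CANDIDATES))
    print("strong value matches guess:", guessable("alice", STRONG, CANDIDATES))
```

Because the username is hashed together with the password here, a guess list has to be re-run per account; the per-guess cost is still only one hash and one exponentiation.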
