[503] in cryptography@c2.net mail archive
Re: How bad is this?
daemon@ATHENA.MIT.EDU (Bill Sommerfeld)
Fri Apr 4 17:45:47 1997
To: Bill Stewart <stewarts@ix.netcom.com>, perry@piermont.com,
cryptography@c2.net
In-reply-to: Your message of "Fri, 04 Apr 1997 13:51:37 -0800 ."
<199704042152.NAA13316@kirk.edmweb.com>
Date: Fri, 04 Apr 1997 17:33:53 -0500
From: Bill Sommerfeld <sommerfeld@orchard.east-arlington.ma.us>
> > The hash that's needed is
> > F(localhost, localport, remotehost, remoteport)
> > where F() isn't predictable from outside. Would it be safe to use
> > F() = Hash32(RC4(key, "localhost, localport, remotehost, remoteport"))
> > where Hash32 is some vanilla N-bits-to-32-bits hash such as a CRC32
> > or simple xor-by-words or even just last-32-bits?
Given that RC4 is a stream cipher without any plaintext/ciphertext
feedback into its state, xor-by-words or last-32-bits would be
vulnerable to bit-twiddling attacks; given one valid hash
(input,output) pair, you could construct "valid" hashes for any
conceivable input for the same key.
- Bill
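To check the claim above, here is an added example (not code from the thread) that models the quoted proposal with Hash32 = xor-by-words and reproduces the forgery from one (input, output) pair. The key, the addresses, the fixed-width tuple encoding and the truncated-HMAC alternative used for contrast are my own assumptions.

```python
import hashlib
import hmac
import socket
import struct

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4 keystream (KSA + PRGA); it depends only on the key, not on the plaintext."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def fold32(data: bytes) -> int:
    """The 'simple xor-by-words' Hash32: XOR of all 32-bit words (zero-padded), linear over XOR."""
    padded = data + b"\0" * (-len(data) % 4)
    acc = 0
    for k in range(0, len(padded), 4):
        acc ^= int.from_bytes(padded[k:k + 4], "big")
    return acc

def conn_tuple(lhost: str, lport: int, rhost: str, rport: int) -> bytes:
    """Constructed fixed-width encoding of (localhost, localport, remotehost, remoteport)."""
    return struct.pack("!4sH4sH", socket.inet_aton(lhost), lport, socket.inet_aton(rhost), rport)

def proposed_f(key: bytes, conn: bytes) -> int:
    """F() = Hash32(RC4(key, conn)) as proposed, with Hash32 = fold32."""
    ks = rc4_keystream(key, len(conn))
    return fold32(bytes(a ^ b for a, b in zip(conn, ks)))

def forge(known_input: bytes, known_output: int, target_input: bytes) -> int:
    """Predict F(key, target_input) without the key, from one known (input, output) pair.
    Because the keystream is plaintext-independent and fold32 is linear,
    F(m') = F(m) ^ fold32(m ^ m') for any m' of the same length as m."""
    assert len(known_input) == len(target_input)
    delta = bytes(a ^ b for a, b in zip(known_input, target_input))
    return known_output ^ fold32(delta)

def keyed_f(key: bytes, conn: bytes) -> int:
    """Contrast (assumption, not from the thread): a truncated keyed MAC has no such linear relation."""
    return int.from_bytes(hmac.new(key, conn, hashlib.sha256).digest()[:4], "big")
```

The forgery needs no knowledge of the RC4 key at all, which is exactly the bit-twiddling weakness the reply describes.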