[933] in Kerberos_V5_Development
Re: Another attempt at Triple-DES string-to-key
daemon@ATHENA.MIT.EDU (eichin@MIT.EDU)
Tue Oct 24 23:54:37 1995
From: eichin@MIT.EDU
Date: Tue, 24 Oct 1995 23:53:27 -0400
To: sommerfeld@orchard.medford.ma.us
Cc: basch@lehman.com, tytso@MIT.EDU, krbdev@MIT.EDU, carson@lehman.com
In-Reply-To: <199510250322.DAA01102@orchard.medford.ma.us> (message from Bill Sommerfeld on Tue, 24 Oct 1995 23:21:39 -0400)

> 1) "short" passwords will result in the use of weak or mostly-zero
> keys for the 3rd and possibly 2nd DES keys in the first pass; you
> really want to mix things up a bit more than that.

A trivial change would be to loop back to the start of the input
string, but the symmetry this would add to that key is
disturbing. (Then again, the key has insufficient entropy anyhow...)
Perhaps scanning backwards (and bouncing back again until you fill the
24-byte buffer).

Is the problem in the first step "weak" keys or guessable ones? Wasn't
there an XOR used to modify detected weak keys into non-weak ones, and
would that suffice?

Another thought - 3DES with 56 bits of good key packed into the first
single-key is no weaker than 1DES, right? Can we really expect more
than that, given the lack of entropy to begin with?

Related question: is 3DES with only 18 bits of keyspace per stage
even that good? (Intuitively it would seem not...)

Remember also that we merely need a one-way hash here, where each key
bit can affect the result; I'm not sure if the specific weakness
mentioned matters...

> SHA gives you 160 bits of output, which is close to the 165 "real"

But then if you have a key that actually *has* 168 good bits (yeah,
that would be comparable to a 30+ word English sentence) you lose
some of them. Granted, by going to 3DES we've got enough strength that
we may not care much... and that few passwords will be long enough to
give that anyhow.

Lots of questions. Part of the reason for using a technique that is
logically related to the existing one is that we can reason about the
effectiveness in related ways.

_Mark_
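As an added example that is not part of this thread nor of the Kerberos code it discusses, the C below sketches the two mechanisms the reply raises: filling the 24-byte 3DES key buffer from a short password by scanning forward, then backward, "bouncing" until the buffer is full, and fixing up any detected weak or semi-weak DES key with an XOR. All function names are hypothetical; the 0xF0 XOR into the last key byte is an assumption modelled on the single-DES string-to-key fix-up, not quoted from it, and the passwords are constructed inputs. It also makes the symmetry worry concrete: for a password whose bounce period divides 8 (length 3 or 5, for instance) all three subkeys come out identical, so the "mix things up" problem is only moved, not solved.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: fill out[24] from the password by ping-pong
 * scanning, e.g. "abc" -> a b c b a b c b a b c b ... so that no key
 * byte is left zero even for very short passwords. */
static void fold_bounce(const unsigned char *pw, int len, unsigned char out[24])
{
    int i, pos = 0, dir = 1;
    memset(out, 0, 24);
    if (len <= 0)
        return;                     /* empty password: all-zero buffer */
    if (len == 1) {
        memset(out, pw[0], 24);     /* one byte: nothing to bounce over */
        return;
    }
    for (i = 0; i < 24; i++) {
        out[i] = pw[pos];
        if (dir > 0 && pos == len - 1)
            dir = -1;               /* hit the end: turn around */
        else if (dir < 0 && pos == 0)
            dir = 1;                /* hit the start: turn around */
        pos += dir;
    }
}

/* DES key bytes carry odd parity in the low bit; set it from the 7 data bits. */
static void set_odd_parity(unsigned char k[8])
{
    int i;
    for (i = 0; i < 8; i++) {
        unsigned char b = k[i] & 0xFE, p = b;
        p ^= p >> 4; p ^= p >> 2; p ^= p >> 1;   /* p & 1 = parity of data bits */
        k[i] = b | ((p & 1) ^ 1);                /* make the total odd */
    }
}

/* The 4 weak and 12 semi-weak DES keys, written with odd parity. */
static const unsigned char weak_keys[16][8] = {
    {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
    {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E}, {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
    {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE}, {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
    {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1}, {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
    {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1}, {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
    {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE}, {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
    {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E}, {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
    {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE}, {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1},
};

static int is_weak_key(const unsigned char k[8])
{
    int i;
    for (i = 0; i < 16; i++)
        if (memcmp(k, weak_keys[i], 8) == 0)
            return 1;
    return 0;
}

/* Derive three DES subkeys from a password; returns how many of them
 * were weak and got the XOR fix-up.  XORing 0xF0 flips four bits of the
 * last byte, so parity stays odd (assumption modelled on single-DES s2k). */
int derive_3des_keys(const char *pw, unsigned char keys[3][8])
{
    unsigned char buf[24];
    int i, fixed = 0;
    fold_bounce((const unsigned char *)pw, (int)strlen(pw), buf);
    for (i = 0; i < 3; i++) {
        memcpy(keys[i], buf + 8 * i, 8);
        set_odd_parity(keys[i]);
        if (is_weak_key(keys[i])) {
            keys[i][7] ^= 0xF0;
            fixed++;
        }
    }
    return fixed;
}

/* Number of distinct subkeys (1 means all three are identical). */
int count_distinct_subkeys(const char *pw)
{
    unsigned char k[3][8];
    int n = 1;
    derive_3des_keys(pw, k);
    if (memcmp(k[0], k[1], 8) != 0) n++;
    if (memcmp(k[0], k[2], 8) != 0 && memcmp(k[1], k[2], 8) != 0) n++;
    return n;
}

int weak_fixups_for(const char *pw)
{
    unsigned char k[3][8];
    return derive_3des_keys(pw, k);
}

/* One byte of one derived subkey, for inspection. */
int subkey_byte(const char *pw, int key, int idx)
{
    unsigned char k[3][8];
    derive_3des_keys(pw, k);
    return k[key][idx];
}

int main(void)
{
    const char *pws[] = { "", "abc", "abcd", "hello" };   /* constructed inputs */
    unsigned char k[3][8];
    int p, i, j;
    for (p = 0; p < 4; p++) {
        int fixed = derive_3des_keys(pws[p], k);
        printf("%-6s fixups=%d distinct=%d:", pws[p], fixed, count_distinct_subkeys(pws[p]));
        for (i = 0; i < 3; i++) {
            printf(" ");
            for (j = 0; j < 8; j++) printf("%02x", k[i][j]);
        }
        printf("\n");
    }
    return 0;
}
```

Running it shows that the empty password yields three all-0x01 keys that each trip the weak-key check, while "abc" and "hello" fill the buffer with non-zero bytes yet still produce three identical subkeys; only a password whose bounce period does not divide 8 (such as "abcd") gives three different subkeys.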