[Authentication] Clarification of algorithm: dh-ietf1024-aes128-cbc-pkcs7
Brad Hards
bradh at frogmouth.net
Fri Nov 26 14:43:48 PST 2010
On Saturday, November 27, 2010 09:18:36 am Stef Walter wrote:
> As implemented (in gnome-keyring at least) the Secret Service algorithm
> set dh-ietf1024-aes128-cbc-pkcs7 isn't as strong as it should be.
What is dh-ietf1024 in this algorithm? Asymmetric key strength isn't equal to
symmetric key strength. A 1024-bit Diffie Hellman key is not as strong as a 128
bit AES key.
> * Use SHA256 to derive the key and use AES256 for encryption.
SHA256 is 128 bits of "effective" security. Use SHA256 with AES128, and SHA512
with AES256.
> * Use HKDF [1] to derive the key. Perhaps more complex than we need?
Security probably depends on which of the options (especially which hash) you
choose.
Brad
More information about the Authentication
mailing list