[Authentication] Fwd: Re: Session negotiation
Brad Hards
bradh at frogmouth.net
Thu Jul 16 03:18:20 PDT 2009
On Thursday 16 July 2009 18:45:16 Michael Leupold wrote:
> I wasn't talking about reuse, I was more or less considering the secrets to
> be passed through a stream cipher whose state was established on
> session start. After trying I figured it's not the right approach though as
> while the same secret encrypted over and over produces different encrypted
> results they have to be manually padded/unpadded as apparently crypto
> libraries only support padding on the last block encrypted (at least libqca
> does).
I'm confused as to what you're trying to do. Maybe you can explain again?
If you pass the same inputs into a cipher, then you'll (obviously) get the
same output.
In this context, the cipher algorithm and mode (e.g. AES128-CBC) takes a key,
an IV, and the plain text ("secret") and produces some ciphertext.
[The padding (or lack thereof) is a function of the block mode and algorithm,
but we might want to use additional padding to avoid disclosing how long the
plain text is.]
We need to generate the key from some kind of passphrase (or other source, but
passphrase is what I expect from this). So we need to define how to produce the
key, and we need to store the IV with the ciphertext version of the secret. I
think each secret should be encrypted separately (and so have a different IV).
Brad