[Authentication] Clarification of algorithm: dh-ietf1024-aes128-cbc-pkcs7

Ben Kibbey bjk at luxsci.net
Wed Dec 1 17:21:02 PST 2010


On Sat, Nov 27, 2010 at 09:43:48AM +1100, Brad Hards wrote:
> On Saturday, November 27, 2010 09:18:36 am Stef Walter wrote:
> > As implemented (in gnome-keyring at least) the Secret Service
> > algorithm set dh-ietf1024-aes128-cbc-pkcs7 isn't as strong as it
> > should be.
> What is dh-ietf1024 in this algorithm? Asymmetric key strength isn't
> equal to symmetric key strength. A 1024-bit Diffie Hellman key is not
> as strong as a 128 bit AES key.
> 
> >  * Use SHA256 to derive the key and use AES256 for encryption.
> SHA256 is 128 bits of "effective" security. Use SHA256 with AES128,
> and SHA512 with AES256.

It may be inappropriate to ask here, but I noticed that an AES256 key
length is 32 bytes and the size of an SHA512 hash is 64 bytes. How can
an SHA512 hash be used as AES256 key material? I've run into this
problem in my project. Maybe it depends on the crypto library? I'm
using libgcrypt.

-- 
Ben Kibbey
[XMPP: bjk AT thiessen DOT im] - [IRC: (bjk) FreeNode/OFTC]
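
The size mismatch asked about above is commonly handled by deriving exactly as many bytes as the cipher key needs. The block below is an added example, not part of the original message and not gnome-keyring or libgcrypt code: it uses Python's standard hashlib and hmac modules to show leftmost-byte truncation of a SHA-512 digest next to HKDF (RFC 5869) with SHA-512. The shared secret is a constructed stand-in for a Diffie-Hellman output, and the function names are hypothetical.

```python
import hashlib
import hmac

AES128_KEY_LEN = 16
AES256_KEY_LEN = 32

# Constructed sample: 128 bytes standing in for a 1024-bit DH shared secret.
SHARED_SECRET = bytes(range(128))


def truncated_hash_key(secret: bytes, key_len: int) -> bytes:
    """Hash with SHA-512 and keep only the leftmost key_len bytes."""
    digest = hashlib.sha512(secret).digest()  # always 64 bytes
    if key_len > len(digest):
        raise ValueError("one digest cannot supply that many key bytes")
    return digest[:key_len]


def hkdf(ikm: bytes, length: int, salt: bytes = b"", info: bytes = b"",
         hash_name: str = "sha512") -> bytes:
    """RFC 5869 HKDF: extract a pseudorandom key, then expand to length bytes."""
    hash_len = hashlib.new(hash_name).digest_size
    if not 0 < length <= 255 * hash_len:
        raise ValueError("HKDF output length out of range")
    # Extract: an absent salt is defined as hash_len zero bytes.
    prk = hmac.new(salt or b"\x00" * hash_len, ikm, hash_name).digest()
    # Expand: T(i) = HMAC(PRK, T(i-1) | info | i); concatenate, then cut.
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_aes256_key(secret: bytes, info: bytes = b"") -> bytes:
    """32-byte AES-256 key from a secret of any length via HKDF-SHA512."""
    return hkdf(secret, AES256_KEY_LEN, info=info)


if __name__ == "__main__":
    print("truncated SHA-512:", truncated_hash_key(SHARED_SECRET, AES256_KEY_LEN).hex())
    print("HKDF-SHA512      :", derive_aes256_key(SHARED_SECRET).hex())
```

Either way the 64-byte hash output is never passed to the cipher whole; the `info` argument lets one secret yield independent keys for different purposes.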

