[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pre-shared key v RSA encryption or RSA signature authentication modes

To: Derek Atkins <warlord@xxxxxxx>, Uri Blumenthal <uri@xxxxxxxxxx>
Subject: Re: pre-shared key v RSA encryption or RSA signature authentication modes
From: David Jablon <dpj@xxxxxxxxxxxx>
Date: Thu, 21 Mar 2002 12:14:40 -0500
Cc: "Prof. Ahmed A. A. Adas" <alaadas@xxxxxxxxxxx>, cdemar@xxxxxxxxx, ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <><><><>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

Derek,

Is the limited entropy of the shared secret due to the fact that
it is simply a hash of a password?  If so, then perhaps the current
simplistic shared-secret key protocol is not such a good fit for these
common shared-secret password applications.

-- David

At 11:39 AM 3/21/2002 -0500, Derek Atkins wrote:

The fact that most users wont have a shared secret with 256 bits of
entropy?  I suspect that most shared secrets are probably in the 64-80
bits of entropy at the highest, and probably much lower than that.

Follow-Ups:
- Re: pre-shared key v RSA encryption or RSA signature authentication modes
  - From: Derek Atkins

References:
- Re: pre-shared key v RSA encryption or RSA signature authentication modes
  - From: Uri Blumenthal
- pre-shared key v RSA encryption or RSA signature authentication modes
  - From: cdemar
- Re: pre-shared key v RSA encryption or RSA signature authentication modes
  - From: Prof. Ahmed A. A. Adas
- Re: pre-shared key v RSA encryption or RSA signature authentication modes
  - From: Derek Atkins

Prev by Date: QoS considerations
Next by Date: Re: pre-shared key v RSA encryption or RSA signature authentication modes
Previous by thread: RE: pre-shared key v RSA encryption or RSA signature authentication modes
Next by thread: Re: pre-shared key v RSA encryption or RSA signature authentication modes
Index(es):
- Date
- Thread