Re: TEA (was Re: filesystem encryption)

New Message Reply About this list Date view Thread view Subject view Author view

Bill Stewart (bill.stewart@pobox.com)
Sat, 27 Jun 1998 01:12:09 -0700


At 05:56 PM 6/24/98 +0000, Jesús Cea Avión wrote:
>Why not?. I need a *simple*, *lightning* fast crypt, without setup
>overhead. Streng is important but only for "domestic" attacks, since
>each register is crypted using its unique "user provided but server
>generated" key. In fact we are using only 64 bit keys, with up-most 64
>bits set to 0. The users already have a hard time remembering 12 random
>chars (64 bits coded as two 32 bit base64).

How much lightning do you need? RC4 doesn't take that much setup time,
and the storage overhead is minimal, ~256 bytes.
(Each key can only be used once, which may be a problem for you;
try RC5 or RC6 if it is.)
Arbitrarily long keys, rather than limiting to 64 bits,
and the users can use passphrases that they can remember.

If you need to generate passwords that users can remember,
rather than using random characters, you could use the
S/Key method, which is described in RFC-nnnn,
which has a list of words each representing 11 bits;
passwords look like
        FOO BAR TROUT MASK RED DOOR
and would make fine input to RC4 if you needed it.

                                Thanks!
                                        Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:19:08 ADT