Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC

New Message Reply About this list Date view Thread view Subject view Author view

Eric Rescorla (ekr@rtfm.com)
Sun, 03 Jan 1999 15:30:46 -0800


> On Sun, Jan 03, 1999 at 02:57:04PM -0800, EKR wrote:
> > Of course, if you use a discrete log scheme, then you can
> > just use X=SHA(passphrase).
>
> How about using X=SHA(salt||passphrase), where salt is some 32-bit random
> value stored on your hard drive? That way if the hard drive is destroyed,
> you only have to brute force a 32-bit value, but an attacker has to brute
> force the salt and the passphrase simultaneously which is unfeasible even
> if the passphrase only has 40-bit entropy.
Yeah, this is a good idea.

-Ekr


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:01