Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC

New Message Reply About this list Date view Thread view Subject view Author view

Wei Dai (weidai@eskimo.com)
Sun, 3 Jan 1999 15:15:08 -0800


On Sun, Jan 03, 1999 at 02:57:04PM -0800, EKR wrote:
> Of course, if you use a discrete log scheme, then you can
> just use X=SHA(passphrase).

How about using X=SHA(salt||passphrase), where salt is some 32-bit random
value stored on your hard drive? That way if the hard drive is destroyed,
you only have to brute force a 32-bit value, but an attacker has to brute
force the salt and the passphrase simultaneously which is unfeasible even
if the passphrase only has 40-bit entropy.


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:01