Arcane Jill wrote: > <... a way to make decryption more expensive ...>
I think it is a neat idea. I think it is best understood as a kind of "key-stretching" akin to iterated hashing of a password, as in: Secure Applications of Low-Entropy Keys (1998) John Kelsey, Bruce Schneier, Chris Hall, David Wagner http://citeseer.nj.nec.com/kelsey98secure.html I invented it myself at one point, and then subsequently learned that it had already been published. Here are some notes I wrote about it earlier this year: """ I've learned that Udi Manber, Martín Abadi [1], Mark Lomas, and Roger Needham [2] have already published one of my ideas -- that of an extra "salt" used to hash passwords, erased, and then brute-force-rediscovered when needed. This kind of thing reassures me that my own part-time, self-directed crypto research isn't too far off the mainstream. Manber's paper [3] is earliest, but Abadi's [4] (published as a Technical Report) contains extra goodies such as consideration of off-line brute force attacks on weak keys used in communication protocols and a comparison to the more widely used key- strengthening of iterated hashing. [1] http://www.cse.ucsc.edu/~abadi [2] http://research.microsoft.com/users/needham/ [3] http://citeseer.nj.nec.com/manber96simple.html [4] http://www.cse.ucsc.edu/~abadi/Papers/pwd-revised.ps """ Regards, Zooko --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]