Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cryptographic Functions

From: Jeffrey Walton <noloader () gmail com>
Date: Tue, 18 Aug 2009 14:02:04 -0400
Hi Munyaradzi,


When a passphrase is used a key in symetric
cryptography, how does the pass phrase map to
the key in an algorithm like AES


The passphrase should be derived using a KDF. KDFs includes salts and
iteration counts. Quite a few bodies offer guidance on KDFs - NIST,
RFC, IETF, and ANSI to name a few.


how many letters correspond to 1 bit?

Don't know what you are asking here. The KDF should provide sufficent
'mixing' such that no information can be gained from 1 bit of output
(either 1 or 0 is equally probable). Otherwise, its not a very good
KDF.

Jeff

On 8/18/09, M.D.Mufambisi <mufambisi () gmail com> wrote:

Hello people.

1. When a passphrase is used a key in symetric cryptography, how does
the pass phrase map to the key in an algorithm like AES? ie....how
many letters correspond to 1 bit? etc?


Regards

Munyaradzi Mufambisi



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: