Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cryptographic Functions

From: "M.B.Jr." <marcio.barbado () gmail com>
Date: Tue, 18 Aug 2009 15:02:20 -0300
Hi,


On Tue, Aug 18, 2009 at 12:50 PM, M.D.Mufambisi<mufambisi () gmail com> wrote:

1. When a passphrase is used a key in symetric cryptography, how does
the pass phrase map to the key in an algorithm like AES? ie....how
many letters correspond to 1 bit? etc?



the passphrase concept is used for asymmetric cryptography, not
symmetric. The latter uses the term "password". And it maps to no key
since it, as a matter of fact, is the "key".



Regards,




-- 
Marcio Barbado, Jr.
==============
==============
_bds Labs.

"In fact, companies that innovate on top of open standards are
advantaged because resources are freed up for higher-value work and
because market opportunities expand as the standards proliferate."
Scott Handy
Vice President Worldwide Linux and Open Source, IBM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Esta mensagem e qualquer arquivo nela contido é confidencial. "Pratica
crime de violação de telecomunicações quem, transgredindo lei ou
regulamento, exiba autógrafo ou qualquer documento ou arquivo,
divulgue ou comunique, informe ou capte, transmita a outrem ou utilize
o conteúdo, resumo, significado, interpretação, indicação ou efeito de
qualquer comunicação dirigida a terceiro." (Artigo 56 da Lei n.º 4.117
de 27 de agosto de 1962, aplicável aos crimes em telecomunicações, nos
termos do art. 215, I, da Lei 9.472/97).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE
This message including any attachments is confidential information of
B.D.S. LABS. TECNOLOGIA COMERCIAL LTDA.
Disclosure, copying or distribution is prohibited without permission
of BDS LABS. If you are not the intended recipient,  please reply to
the sender and then delete this message.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: