Re: Cryptographic Functions

["M.D.Mufambisi" <mufambisi () gmail com>]

I understand now. The digest i sent earlier is in HEX and it contains
40 characters. So this is 16^40 which is equal to 2^160. So yeah, i
understand that bit now. Going back to the ealier question on
bits.....it was linked to the information theory and shannons entropy.
When they say english has an entropy of 1.1bits....what does that
mean? Is high or low entropy desirable? An example would be good.
Thanks people.

On 8/19/09, M.D.Mufambisi <mufambisi () gmail com> wrote:
> Ok. Thanks. I have an SHA-1 hash of a file and the digest is
> DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Is this160 bit? How does the
> output map to 160 bits?
>
> On 8/18/09, Shailesh Rangari <shailesh.sf () gmail com> wrote:
> > Hi Munyaradzi,
> >
> > On Tue, Aug 18, 2009 at 2:02 PM, Jeffrey Walton <noloader () gmail com>
> > wrote:
> >
> > > Hi Munyaradzi,
> > >
> > > > When a passphrase is used a key in symetric
> > > > cryptography, how does the pass phrase map to
> > > > the key in an algorithm like AES
> > >
> > > The passphrase should be derived using a KDF. KDFs includes salts and
> > > iteration counts. Quite a few bodies offer guidance on KDFs - NIST,
> > > RFC, IETF, and ANSI to name a few.
> > >
> > > > how many letters correspond to 1 bit?
> > > Don't know what you are asking here. The KDF should provide sufficent
> > > 'mixing' such that no information can be gained from 1 bit of output
> > > (either 1 or 0 is equally probable). Otherwise, its not a very good
> > > KDF.
> >
> >
> > I second that.
> > Also, assuming that a strong Hash Function is being used, then it is
> > difficult to ascertain how many letter(s) would correspond to 1 bit - for
> > one of the essential properties of a Hash Function is that it takes in an
> > 'Arbitrary' length of input(key, passphrase, message, etc) and converts
> > it
> > into a 'Unique', 'Fixed' length output (hash). A Key Len of 128, 256, 512
> > Bit if hashed with SHA-1, then the output would necessarily be 160 Bits
> > only.
> >
> > > Jeff
> > >
> > > On 8/18/09, M.D.Mufambisi <mufambisi () gmail com> wrote:
> > > > Hello people.
> > > >
> > > > 1. When a passphrase is used a key in symetric cryptography, how does
> > > > the pass phrase map to the key in an algorithm like AES? ie....how
> > > > many letters correspond to 1 bit? etc?
> > > >
> > > >
> > > > Regards
> > > >
> > > > Munyaradzi Mufambisi

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------