[147624] in cryptography@c2.net mail archive

[Cryptography] Key stretching

daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Fri Oct 11 13:33:33 2013

X-Original-To: cryptography@metzdowd.com
Date: Fri, 11 Oct 2013 11:26:58 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

All,

Quick question, anyone got a good scheme for key stretching?

I have this scheme for managing private keys that involves storing them as
encrypted PKCS#8 blobs in the cloud.

AES128 seems a little on the weak side for this but there are (rare)
circumstances where a user is going to need to type in the key for recovery
purposes so I don't want more than 128 bits of key to type in (I am betting
that 128 bits is going to be sufficient to the end of Moore's law).


So the answer is to use AES 256 and stretch the key, but how? I could just
repeat the key:

K = k + k

Related key attacks make me a little nervous though. Maybe:

K = (k + 01234567) XOR SHA512 (k)


-- 
Website: http://hallambaker.com/

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
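
Added example, not part of the original post and not the author's code: the repeated-key idea `K = k + k` from the message beside a substituted standard technique, HKDF with HMAC-SHA256 (RFC 5869), for turning a typed 128-bit secret into a 256-bit AES key. The function names, the `info` label and the sample secret are assumptions made for illustration; both outputs are deterministic functions of `k`, so neither carries more than 128 bits of entropy.

```python
import hashlib
import hmac


def repeat_key(k: bytes) -> bytes:
    """The post's first idea: K = k + k (concatenation of the 128-bit secret)."""
    if len(k) != 16:
        raise ValueError("expected a 128-bit secret")
    return k + k


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA256: extract a PRK, then expand it."""
    if length > 255 * 32:
        raise ValueError("HKDF-SHA256 output is limited to 8160 bytes")
    # Extract step: an empty salt is replaced by HashLen zero bytes.
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    # Expand step: T(i) = HMAC(PRK, T(i-1) || info || i)
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def expand_to_aes256(k: bytes, info: bytes = b"example: pkcs8 wrap key") -> bytes:
    """Derive a 256-bit key from a 128-bit secret (hypothetical helper).

    The info label binds the output to one purpose, so the same typed
    secret can yield unrelated keys for different uses.
    """
    if len(k) != 16:
        raise ValueError("expected a 128-bit secret")
    return hkdf_sha256(k, b"", info, 32)


if __name__ == "__main__":
    k = bytes(range(16))  # constructed sample secret, not a real key
    repeated = repeat_key(k)
    derived = expand_to_aes256(k)
    # The repeated key has two identical halves; the derived key does not.
    print("k + k  :", repeated.hex(), repeated[:16] == repeated[16:])
    print("HKDF   :", derived.hex(), derived[:16] == derived[16:])
    # A different label gives an independent-looking key from the same secret.
    print("HKDF'  :", expand_to_aes256(k, b"example: other use").hex())
```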