On Wed, Aug 19, 2009 at 08:31:33AM +0200, M.D.Mufambisi wrote:
> Ok. Thanks. I have an SHA-1 hash of a file and the digest is
> DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Is this160 bit? How does the
> output map to 160 bits?
That hash is 40 characters, and since each hex digit is 4 bits,
40 x 4 = 160 bits.
This might help:
An Illustrated Guide to Cryptographic Hashes
http://unixwiz.net/techtips/iguide-crypto-hashes.html
Steve
>
> On 8/18/09, Shailesh Rangari <shailesh.sf (at) gmail (dot) com [email concealed]> wrote:
> > Hi Munyaradzi,
> >
> > On Tue, Aug 18, 2009 at 2:02 PM, Jeffrey Walton <noloader (at) gmail (dot) com [email concealed]> wrote:
> >
> >> Hi Munyaradzi,
> >>
> >> > When a passphrase is used a key in symetric
> >> > cryptography, how does the pass phrase map to
> >> > the key in an algorithm like AES
> >>
> >> The passphrase should be derived using a KDF. KDFs includes salts and
> >> iteration counts. Quite a few bodies offer guidance on KDFs - NIST,
> >> RFC, IETF, and ANSI to name a few.
> >>
> >> > how many letters correspond to 1 bit?
> >> Don't know what you are asking here. The KDF should provide sufficent
> >> 'mixing' such that no information can be gained from 1 bit of output
> >> (either 1 or 0 is equally probable). Otherwise, its not a very good
> >> KDF.
> >
> >
> > I second that.
> > Also, assuming that a strong Hash Function is being used, then it is
> > difficult to ascertain how many letter(s) would correspond to 1 bit - for
> > one of the essential properties of a Hash Function is that it takes in an
> > 'Arbitrary' length of input(key, passphrase, message, etc) and converts it
> > into a 'Unique', 'Fixed' length output (hash). A Key Len of 128, 256, 512
> > Bit if hashed with SHA-1, then the output would necessarily be 160 Bits
> > only.
> >
> >>
> >>
> >> Jeff
> >>
> >> On 8/18/09, M.D.Mufambisi <mufambisi (at) gmail (dot) com [email concealed]> wrote:
> >> > Hello people.
> >> >
> >> > 1. When a passphrase is used a key in symetric cryptography, how does
> >> > the pass phrase map to the key in an algorithm like AES? ie....how
> >> > many letters correspond to 1 bit? etc?
> >> >
> >> >
> >> > Regards
> >> >
> >> > Munyaradzi Mufambisi
> >> >
> >>
> >
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
--
Stephen J Friedl | Security Consultant | UNIX Wizard | 714 694-0494
steve (at) unixwiz (dot) net [email concealed] | Orange County, CA | Microsoft MVP | unixwiz.net
> Ok. Thanks. I have an SHA-1 hash of a file and the digest is
> DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Is this160 bit? How does the
> output map to 160 bits?
That hash is 40 characters, and since each hex digit is 4 bits,
40 x 4 = 160 bits.
This might help:
An Illustrated Guide to Cryptographic Hashes
http://unixwiz.net/techtips/iguide-crypto-hashes.html
Steve
>
> On 8/18/09, Shailesh Rangari <shailesh.sf (at) gmail (dot) com [email concealed]> wrote:
> > Hi Munyaradzi,
> >
> > On Tue, Aug 18, 2009 at 2:02 PM, Jeffrey Walton <noloader (at) gmail (dot) com [email concealed]> wrote:
> >
> >> Hi Munyaradzi,
> >>
> >> > When a passphrase is used a key in symetric
> >> > cryptography, how does the pass phrase map to
> >> > the key in an algorithm like AES
> >>
> >> The passphrase should be derived using a KDF. KDFs includes salts and
> >> iteration counts. Quite a few bodies offer guidance on KDFs - NIST,
> >> RFC, IETF, and ANSI to name a few.
> >>
> >> > how many letters correspond to 1 bit?
> >> Don't know what you are asking here. The KDF should provide sufficent
> >> 'mixing' such that no information can be gained from 1 bit of output
> >> (either 1 or 0 is equally probable). Otherwise, its not a very good
> >> KDF.
> >
> >
> > I second that.
> > Also, assuming that a strong Hash Function is being used, then it is
> > difficult to ascertain how many letter(s) would correspond to 1 bit - for
> > one of the essential properties of a Hash Function is that it takes in an
> > 'Arbitrary' length of input(key, passphrase, message, etc) and converts it
> > into a 'Unique', 'Fixed' length output (hash). A Key Len of 128, 256, 512
> > Bit if hashed with SHA-1, then the output would necessarily be 160 Bits
> > only.
> >
> >>
> >>
> >> Jeff
> >>
> >> On 8/18/09, M.D.Mufambisi <mufambisi (at) gmail (dot) com [email concealed]> wrote:
> >> > Hello people.
> >> >
> >> > 1. When a passphrase is used a key in symetric cryptography, how does
> >> > the pass phrase map to the key in an algorithm like AES? ie....how
> >> > many letters correspond to 1 bit? etc?
> >> >
> >> >
> >> > Regards
> >> >
> >> > Munyaradzi Mufambisi
> >> >
> >>
> >
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
--
Stephen J Friedl | Security Consultant | UNIX Wizard | 714 694-0494
steve (at) unixwiz (dot) net [email concealed] | Orange County, CA | Microsoft MVP | unixwiz.net
[ reply ]