Secure Applications of Low-Entropy Keys (1998) [12 citations — 4 self]

Download:

by John Kelsey, Bruce Schneier, Chris Hall, David Wagner

Lecture Notes in Computer Science

http://www.counterpane.com/low-entropy.pdf

Add To MetaCart

Popular Tags

No tags have been applied to this document.

BibTeX | Add To MetaCart

@INPROCEEDINGS{Kelsey98secureapplications,
    author = {John Kelsey and Bruce Schneier and Chris Hall and David Wagner},
    title = {Secure Applications of Low-Entropy Keys},
    booktitle = {Lecture Notes in Computer Science},
    year = {1998},
    pages = {121--134},
    publisher = {Springer-Verlag}
}

Years of Citing Articles

Abstract:

Abstract. We introduce the notion of key stretching, a mechanism to convert short s-bit keys into longer keys, such that the complexity required to brute-force search a s + t-bit keyspace is the same as the time required to brute-force search a s-bit key stretched by t bits. 1 Introduction—Why Stretch a Key? In many real-world cryptographic systems, we are, for various reasons, limited to encryption keys with relatively low-entropy. In other words, we are limited to a key that is unlikely to take on more than (say) 2 40 different values. This can happen for a variety of reasons: legacy systems that force the use of outdated

Citations

444	The Art of Computer Programming , volume 2 : Seminumerical Algorithms, Second edition – Knuth - 1981
190	Applied Cryptography, second edition – Schneier - 1996
76	A Strengthened Version of RIPEMD – Dobbertin, Preneel - 1996
70	A Cryptanalytic Time-Memory Trade-Off – Hellman - 1980
69	Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security", available at http://www.counterpane.com/keylength.html – Blaze, Diffie, et al.
66	Efficient DES Key Search – Wiener - 1996
23	UNIX Password Security – Morris, Thompson - 1979
15	A simple scheme to make passwords based on one-way functions much harder to crack. Comput Secur 15:171–176 – Manber - 1996
13	Private communication – Abadi
4	A Cryptanalytic Time-Memory Trade O – Hellman - 1980
1	The Importance of `Good' Key Schemes (How to Make a Secure DES with 48 Bit Keys – Quisquater, Desmedt, et al. - 1986
1	personal communication – Trei - 1997
1	Theoretical analysis of hash iteration We give the proof of Theorem 1 here. First, we must prove the following lemma: Lemma 2. Suppose we can evaluate the 2 m -th iterate of a b-bit hash function h in 2 m /l time on average, for some m < b/4. Then we can – Wiener, Search - 1994

View or Download | Add to My Collection | Correct Errors