[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: S2K and Tag 0x05 Q

To: ietf-openpgp@xxxxxxx
Subject: Re: S2K and Tag 0x05 Q
From: Erron Criddle <ejc@xxxxxxxxxx>
Date: Wed, 06 Sep 2000 13:01:19 +0800
Cc: hal@xxxxxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx

At 09:54 PM 5/09/2000 -0700, hal@xxxxxxxxxx wrote:

<snip>

> Do you decide what length of the S2K session key to use (in your program),
> then when the secret key needs to be extracted from the secret key-ring,
> just keep trying multiple session key lengths in block size multiples (as
> generated from the S2K specifier) until the checksum checks out OK?
>
> It seems it would be a lot easier (maybe less secure?) if a session key
> length was specified somewhere.

The session key length is always known.  It is part of the algorithm
identifier.  See section 9.2.

Oh...

I didn't link section 9.2 with the session key length of an S2K...maybe in the next revision of 2440, a simple reference to 9.2 in section 3.6 would help others who are also wondering what session key lengths to use with the S2K's.

Regards


Erron Criddle
Comasp Ltd.
Level 2, 45 Stirling Hwy
NEDLANDS  WA  6009
Australia

Fax: 08 9386 9473
Tel: 08 9386 9534

http://www.comasp.com
ejc@xxxxxxxxxx

References:
- Re: S2K and Tag 0x05 Q
  - From: hal

Prev by Date: Re: S2K and Tag 0x05 Q
Next by Date: OT Qualcomm bouncing attachments
Previous by thread: Re: S2K and Tag 0x05 Q
Next by thread: OT Qualcomm bouncing attachments
Index(es):
- Date
- Thread